Hotfixes for Microsoft IIS 'Remote Code Execution' Vulnerabilities Addressed in September 2010 Patch Cycle

Microsoft released a September bulleting that addresses three IIS vulnerabilites. Two of these were responsibly discolsed, while one was publicly disclosed. The knowledge base articles for each of the three vulnerabilities are linked below and contain affected platform information.CVE-2010-1899 [classic ASP]: Denial of Service: KB2124261CVE-2010-2730 [fastCGI]: Remote Code Execution: KB2271195CVE-2010-2731 [Authentication]: Elevation of Privilege: KB2290570More […]

Microsoft released a September bulleting that addresses three IIS vulnerabilites. Two of these were responsibly discolsed, while one was publicly disclosed. The knowledge base articles for each of the three vulnerabilities are linked below and contain affected platform information.

CVE-2010-1899 [classic ASP]: Denial of Service: KB2124261
CVE-2010-2730 [fastCGI]: Remote Code Execution: KB2271195
CVE-2010-2731 [Authentication]: Elevation of Privilege: KB2290570

More Info: Microsoft Security Bulletin MS10-065