IIS Answers Security Bulletin - IIS Download.JCT
*********************************
IIS Answers Security Bulletin
IIS Download.JCT
06/25/2004
*********************************
A new attack is making the news and when that happens, people go wild so I though it would prudent to release a rare bulletin.
Two things: First this is an IIS 5 attack. Microsoft has released a statement that sort of says the attack exploits vulnerabilities that are fixed by MS04-011. However they do NOT go so far as to say that applying MS04-011 will definitely fix the problem.
News articles can be found at http://www.msnbc.msn.com/id/5290386/ and http://www.infoworld.com/article/04/06/24/HNnewattack_1.html
But the real details are at http://isc.incidents.org/
Snort rules can be found at http://snort.infotex.com/cgi-bin/viewcvs.cgi/Stable/VIRUS_Unknown_IIS_Worm?r1=1.7&only_with_tag=MAIN
Microsoft's typically introverted response is http://www.microsoft.com/security/incident/download_ject.mspx.
If you have problems and/or want to discuss or report issues, please join the IIS 5 discussion list at www.iislists.com. Further bulletins will be coming as the facts are determined.
Thanks,
Brett Hill
IIS MVP