Microsoft fixes IIS FTP security bug

Microsoft has released a patch that eliminates a vulnerability in its Internet Information Server (IIS) FTP service. This vulnerability could allow a denial of service attack against the IIS server or could allow arbitrary code to be executed directly on the server.

Microsoft recommends that customers who are using the FTP service in IIS 3.0 or 4.0 apply the patch.

For more information about this security bug, please refer to the Microsoft Knowledge Base (KB) article Q188348, "Specially-Malformed FTP Requests Can Create Denial of Service," on the Microsoft Web site

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.