Patch/Configuration Management, Vulnerability Management

Microsoft IIS 0-day

August 31, 2009

Proof-of-concept code for a new Microsoft zero-day stack overflow vulnerability was posted Monday on exploit repository Milw0rm. The exploit is present in the file transfer protocol (FTP) module in Microsoft Internet Information Server (IIS) 5.0 and 6.0, the SANS Internet Storm Center said in a blog post Monday. A Microsoft spokeswoman told SCMagazineUS.com that the company is investigating the vulnerability but is not aware of any in-the-wild exploits.

Angela Moscaritolo

RSAC

BSides SF: Using AI to spot shadow patches in open-source software

Paul WagenseilApril 27, 2025

An indisputable security use case for ChatGPT: scouring open-source changelogs for undisclosed vulnerability patches.

Vulnerability Management

SAP patches zero day rated 10.0 in NetWeaver

Steve ZurierApril 25, 2025

Attackers observed exploiting vulnerability in SAP's NetWeaver Visual Composer product.

Vulnerability Management

Actively exploited CVEs rise in Q1, report finds

SC StaffApril 25, 2025

Threat actors have exploited 159 CVEs during the first three months of 2025, compared with 151 during the last quarter of 2024, with almost a third of vulnerabilities leveraged in attacks within a day of their disclosure, according to The Hacker News.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Related Terms

Bug Buffer Overflow Disassembly