News

Sadmind/IIS Worm Hitting Unpatched Systems

Attackers are exploiting old vulnerabilities in Solaris and IIS Web servers with a new malicious worm called the sadmind/IIS Worm to attack more Solaris and IIS Web servers and deface Web pages, according to an advisory issued Tuesday by CERT.

The exploit relies on administrators having failed to install a two-year-old buffer overflow vulnerability patch in Solaris and a seven-month-old vulnerability patch in IIS, according to the CERT advisory.

Compromised Solaris systems attack Microsoft IIS Web servers and also propogate the virus to other vulnerable Solaris systems.

Web page defacement appears to affect only IIS systems, which display Web pages reading: “f--- USA Government, f--- PoizonBOx.”

The IIS vulnerability allows an attacker to use a malformed URL to access various files and folders on a Web server and execute operating system commands, allowing for no end of mischief.

The original Microsoft patch can be found here.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Previews Windows Autopilot for HoloLens 2

    Microsoft on Friday announced a public preview of Windows Autopilot for HoloLens 2, its mixed-reality headset.

  • Microsoft Flirts with Charging for API Software Connections

    Microsoft may have started something new by attempting to charge its customers for software that uses its application programming interfaces (APIs).

  • Overcoming Spacesuit Anxiety During Astronaut Training

    Spacesuits are heavy, claustrophobic and hot -- an uncomfortable combination for many would-be astronauts. Here's how Brien came around to the idea of wearing one.

  • Microsoft Announces Azure Kubernetes Service Enhancements

    Microsoft this week announced a few Azure Kubernetes Service (AKS) product milestones as part of the KubeCon event.

comments powered by Disqus