Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Related Posts
  • Blog Post: Introducing ModSecurity IIS 2.7.2 Stable Release

    We are pleased to announce the release of a stable version of the open source web application firewall module ModSecurity IIS 2.7.2. Since the announcement of availability of the beta version in July 2012, we have been working very hard to bring the quality of the module to meet the enterprise class...
  • Blog Post: MS10-065: Exploitability of the IIS FastCGI request header vulnerability

    This month, Microsoft released an update for IIS that addresses three vulnerabilities. The blog post focuses on one of these: the Request Header Buffer Overflow Vulnerability (CVE-2010-2730), which affects IIS version 7.5 and has a maximum security impact of Remote Code Execution (RCE). Below we provide...
  • Blog Post: Details on the New TLS Advisory

    Security Advisory 977377: Vulnerability in TLS Could Allow Spoofing In August of 2009, researchers at PhoneFactor discovered a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. As the issue is present in the actual TLS/SSL-standard, not only our implementation...
  • Blog Post: Regarding MS11-004, Addressing an IIS FTP Services Vulnerability

    Today we released MS11-004 to address a vulnerability in the Microsoft FTP service, an optional component of Internet Information Services (IIS). In this blog, we would like to cover some additional technical details of this vulnerability. First, we want to clarify that the vulnerability lies in the...
  • Blog Post: More information about the IIS authentication bypass

    Security Advisory 971492 provides official guidance about the new IIS authentication bypass vulnerability. We’d like to go into more detail in this blog to help you understand: Am I at risk? If so, what could happen? How can I protect myself? Which IIS configurations are at risk? Only...
  • Blog Post: Announcing the availability of ModSecurity extension for IIS

    Vulnerabilities in on-line services, like cross-site scripting, cross-site request forgery, or even information disclosure, are important areas of focus for the Microsoft Security Response Center (MSRC). Over the last few years Microsoft has developed a number of tools capable of mitigating selected...
  • Blog Post: Defending Websites from XSS attacks with ModSecurity 2.7.3 and OWASP Core Rule Set 2.2.7

    Even though cross-site scripting vulnerabilities have a 15-year history, they remain a big problem in the web security space. According to our research, there are hundreds of new issues discovered each month, and at least a few of them are being used in high-severity attacks. The general problem of...
  • Blog Post: New vulnerability in IIS5 and IIS6

    This afternoon, the MSRC posted a security advisory describing a newly-disclosed vulnerability in the IIS FTP service that could potentially grant remote code execution to untrusted users. You can find the advisory here. Vulnerability summary The vulnerability is a stack overflow in the FTP service...
  • Blog Post: Answers to the IIS WebDAV authentication bypass questions

    We have heard several questions from customers about the WebDAV authentication bypass issue on IIS. We wanted to post common questions and answers here to help anyone else who might have the same question. Question: Is SharePoint vulnerable to the authentication bypass? Answer: No, SharePoint...