Reasons to Avoid Microsoft
MS IIS Webserver
These pages are a compilation of links and quotes to news articles and
others sources that might help convince you to switch to Linux.
Last 3 Articles
Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
- ASP.NET Security Flaw Can Bypass Password
A security flaw in Microsoft's ASP.NET technology could allow
intruders to enter password-protected areas of a web site by altering
a URL. ... It also apparently allows authenticated users to bypass
password protection on administrative areas of a site.
- U.S., citing security concerns, steers consumers away from IE
of Homeland Security's U.S. Computer Emergency Readiness Team touched
off a storm this week when it recommended for security reasons using
browsers other than Microsoft Corp.'s Internet Explorer. ... The
particular virus initiated this week ... allows keystroke analysis of
user information. The target is believed to be credit card numbers. CERT
estimated that as many as tens of thousands of Web sites may [have been
infected with the malicious code, via a vulnerability in Microsoft's
'Internet Information Services' webserver software].
- Microsoft warns on IIS 5 and IE attack
of web pages that, when executed, attempts to access a file hosted
on another server. 'This file may contain malicious code that can
affect the end user's system. US-CERT is investigating the origin of
the IIS 5 compromises and the impact of the code that is downloaded
to end-user systems,' the organisation said.
- New IIS exploit could be one of many
The vulnerability concerns an unchecked buffer in a core Windows 2000
component called ntdll.dll that is used to handle the [WebDav] extensions
to HTTP. ... An attacker could use the vulnerability to ... [create]
a denial of service (DOS) attack against ... or [execute] their own malicious
code in the security context of the IIS service, giving them unfettered
access to the vulnerable system...
- Microsoft Warns Windows Users About Flaw
Microsoft Corp. on Wednesday warned about a serious flaw in all versions of
its popular Windows software that could allow hackers to seize control of a
person's computer when victims read e-mails or visit Web sites. ... It was
particularly unusual because it affected so many different versions of
Windows, from Windows 98 to its latest Windows XP editions.
- U.S. military computer attacked
Another source told MSNBC.com that several Web sites with '.mil' domain names
have recently been targeted with the same attack method. Microsoft's director
of security assurance, Steve Lipner, confirmed that several customers were
hit with the attack last week, but he refused to identify them.
The flaw allows an attacker to break into computers running Microsoft's
Windows 2000 operating system and Microsoft's Internet Information Service
Web server product - probably the most popular configuration for Web servers
running Microsoft software ... All machines are vulnerable by default.
- Really critical hole in Microsoft Web software
ust one day after raising the threshold beyond which it considers security
vulnerabilities 'critical,' Microsoft Corp released a security advisory
saying there is a 'critical' hole in its browsers and web servers that could
cause serious problems, even if it is patched. ... 'This vulnerability is
rated critical because an attacker could take over an IIS server or an
Internet Explorer client and run code,' Microsoft warned. ... To make matters
worse, it is currently possible to make patched systems vulnerable again,
Microsoft said. A malicious attacker would be able to reintroduce the
vulnerable control with just a specially [written] HTML document.
Users that have their browsers configured to trust Microsoft-signed ActiveX
controls by default would have the vulnerability reintroduced without their
- Microsoft FrontPage Susceptible To Major Security Flaws
Critical flaw in FrontPage server extensions lets attackers seize control
of Web servers or crash the system. Administrators barely had time to test
and batch last week's round of critical Microsoft vulnerabilities before the
company issued yet another critical warning.
- FrontPage flaw places servers in jeopardy
Microsoft warned Web site administrators on Wednesday that a flaw in its
FrontPage extensions could allow an attacker to take control of their servers
or cause the computers to seize up. ... Despite launching its Trustworthy
Computing initiative in January, the software giant has racked up more than
70 vulnerabilities outlined in 53 advisories this year.
- MS security hole extravaganza
MS has been sitting on a number of security holes which it's decided
to dump on us all at once. ... MS soft-pedals the severity in classic
form, labeling this one "Moderate." But the eEye bulletin rightly points
out that a target machine can be owned with a single session if the attacker
knows what he's doing. ... Apparently, users had trusted the MS
patch to fix their systems properly. Well it didn't... Apparently, the
[previously reported Gopher exploit] is a bit worse than MS had originally
thought, and affects not [just] IE...
- Microsoft Discloses Software Flaw
Microsoft acknowledged a serious flaw Wednesday in its Internet server
software that could allow sophisticated hackers to seize control of websites,
steal information and use vulnerable computers to attack others online. ...
it [is] impossible to know how many customers followed [advice to]
shut off the [vulnerable] feature, which is turned on automatically the
first time the software is installed.
- Apache 2.0 Beats IIS at Its Own Game
Enterprises last week had 11 more reasons to rethink using IIS: 10 new
security holes in the Microsoft Web server and the arrival of Apache 2.0.
... When it comes to security, IIS doesn't come close to Apache. Apache's
security track record is excellent, while IIS has taken hit after security
hit. Just last week, Microsoft announced that 10 new security holes (several
of which were serious buffer overruns) had been discovered in IIS.
- Anti-Unix Web site back online
Although it's less than a week old, the site has received a great deal of
attention, but probably not the kind that Microsoft and Unisys wanted.
Early this week, it was discovered that the anti-Unix site ran on Web
servers powered by FreeBSD, an open-source version of Unix ... The
companies shifted the site over to Windows 2000 and Microsoft Internet
Information Server on Tuesday, the same day the site went blank.
- Microsoft's anti-Unix campaign backfires
A $30 million advertising campaign ... has turned into a public relations
nightmare for [Microsoft and Unisys]. ... Embarrassed by the revelation that
the promotional website was actually running [Unix] ..., sysadmins hurriedly
switched the system over to a Windows/IIS combination. ... The campaign
didn't name the evil from which users should flee [but hinted at Sun
Microsystems] ... but the alternative on offer was to jump through a
window, which literate readers will know as defenestration, a popular
way of inviting kings to commit suicide in 17th century Europe. The
'jump to your death' route seems to be the path followed by the
advertisers themselves, as the promotional website itself has performed
some form of ritual suicide in its migration to Windows.
- Hackers Deface Thousands Of Domains Parked At Verisign
A security breach Tuesday involving Verisign's Network Solutions unit
disrupted potentially thousands of domain customers ... Attackers
compromised a system that hosted thousands of 'parked' domains that had
been registered through Network Solutions and were still under construction
... The system [was] running Microsoft's Internet Information Server (IIS)
on Windows 2000.
- FBI: Microsoft IIS most vulnerable
[The] FBI found is that some problems are more widespread than others. 'This
year it's Microsoft IIS,' Paller says, 'because it's so widespread and so
easy to break into.' Adding to the problem is that so many installations
aren't known to the companies that have them. Unfortunately for security
managers, installations of Windows NT, Windows 2000, and Windows XP can
also include a fully functional Web server that's created at the time the
operating system is installed...
- Researchers say Nimda set to propagate again
'We rechecked the code base to Nimda, and we found a code set that is
supposed to respread Nimda through e-mail systems starting 10 days after
machines were first infected'
- Global Routing Instabilities during Code Red II and Nimda Worm Propagation
[We] have documented a compelling connection between global routing
instability and the propagation phase of Microsoft worms such as Code Red
and Nimda. Contrary to conventional wisdom, what were thought to be purely
traffic-based denials of service in fact are seen to generate widespread
end-to-end routing instability originating at the Internet's edge. ...
The steep exponentially growth of the September 18 [Border Gateway
Patrol] storm is aligned with the exponential spread of Nimda, the
most virulent Microsoft worm seen to date. The Nimda worm exhibits
extremely high scan rates, multiple attack modes generating very heavy
traffic, and has been much more damaging that the July Code Red worm.
- Nimda Worm Shows You Can't Always Patch Fast Enough
Gartner recommends that enterprises hit by both Code Red and Nimda
immediately investigate alternatives to IIS, including moving Web
applications to Web server software from other vendors, such as
iPlanet and Apache. ... they have much better security records than IIS ...
[We remain] concerned that viruses and worms will continue to attack IIS
until Microsoft has released a completely rewritten, thoroughly and
publicly tested, new release of IIS. Sufficient operational testing should
follow to ensure that the initial wave of security vulnerabilities every
software product experiences has been uncovered and fixed. This move should
include any Microsoft .NET Web services, which requires the use of IIS.
[We belive] that this rewriting will not occur before year-end 2002.
- Nimda: W32.nimda.a.mm
(...The rate of growth and spread [of this worm] is exceedingly rapid -
significantly faster than any worm to date...) A new IIS worm is spreading
rapidly. ... TruSecure believes that this worm will infect any IIS 4 and
IIS 5 box with well known vulnerabilities. We believe that there are
nearly 1Million such machines currently exposed to the Internet. ...
Make sure any developer computing platforms are not running IIS of any
version ... Disconnect mail from the Internet.
- Code Rainbow Loose
in the Wild
While the worm is likely only to infect IIS systems, its probes are
consuming resources and bandwidth of all types of Internet-connected
devices, according to reports from administrators.
- Code Red worm set to flood Internet
The worm, which is thought to have compromised more than 15,000
English-language servers running Microsoft's Web server software, will cause
every infected computer to flood the Whitehouse.gov address with data
starting at 5 p.m. PDT... 'If this goes along what it's looking like,
parts of the Net will go down,' [said an analyst].
- IIS: Time to Just Say No
Last year, Microsoft issued 100 security bulletins, and as of 17 May 2001,
has issued 27 this year. Many of these vulnerabilities are quite serious.
If exploited they could cause overload conditions, crashes, denials of
service, inflict significant damage to the system (e.g., web site
defacement), or allow an unauthorized attacker to gain administrative
control of the system. ... if any company is running IIS because a
consulting firm recommended it, it's time to switch consulting firms.
- Remote 'Root' Exploit in IIS 5.0
This is a remote SYSTEM-level exploit in a popular webserver, in the wild,
i.e., Danger Will Robinson. eEye says about a million servers will need to
be patched; it may be more.
Collection originally created by, donated to LUGOD by,
and maintained by
Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are
trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.