A Microsoft security flaw announced last week is much more serious than initially thought, several security companies have said. It’s important that businesses apply a new patch to all Windows 2000 systems, advisories state — not just those running Microsoft’s IIS Web server software. According to a white paper available on NGSSoftware’s Web site, the flaw, which first was thought accessible only through the WebDAV (World Wide Web Distributed Authoring and Versioning) component of the IIS 5.0 Web server software running on Windows 2000, actually opens non-server systems to attack. And those exploitations can come from numerous other “attack vectors,” or approaches. Other security firms, including TruSecure, have issued updated alerts outlining the problem. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.