Microsoft on Tuesday issued a security advisory for a Web server flaw that was made public on Monday.
The flaw affects certain versions of Microsoft Internet Information Services product, but to be exploited it requires a user to have the FTP function enabled. The flaw could allow an attacker to take over the server.
In its advisory, Microsoft said it has not seen any active attacks, although it acknowledges that detailed exploit code was published to the Web.
Microsoft said it is still working on patching the flaw but said the advisory has advice that customers can use to protect … Read more