IIS is Microsoft Windows web server software with an extensible, modular architecture that, since v7.0, supports two types of extensions – native (C++ DLL) and managed (.NET assembly) modules ...

According to the Milw0rm poster, the code works on Microsoft’s decade-old Windows 2000 operating system, while running the older IIS 5.0 server.

Like any web server, when a remote user accesses a webpage, IIS will log the request to log files that contain the timestamp, source IP addresses, the requested URL, HTTP status codes, and more.

Update Microsoft has now issued Security Advisory 975191 in regards to the issue. Affected software includes Windows 2000, Windows XP, and Windows Server 2003, using IIS 5.0, IIS 5.1, and IIS 6.0.

Microsoft's Internet Information Services 8.5 Web server will be arriving soon and bringing a few new improvements. IIS 8.5 will be released with the Windows Server 2012 R2 product on Oct. 18 ...

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

Microsoft's advisory says that this workaround particularly works for Windows Server 2003 systems running IIS 6.0.

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.