IIS Unicode aftermath: the broader pattern
A week on from MS00-078. The exploitation pattern played out as expected. Time to step back and think about what this category of vulnerability tells us, and what I expect over the next year.
Notes from the field
Writing
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged iis — 3 results.
MS00-078: the IIS Unicode directory traversal
Today Microsoft published MS00-078, a directory-traversal vulnerability in IIS exploited via Unicode-encoded URL characters. The bug is exactly the structural pattern I wrote about last year. The exploitation is going to be widespread.
IIS vulnerabilities and the cost of platform monoculture
Microsoft's IIS web server has been the source of three serious advisories in the last two months. Every one is exploitable against installations using default settings. The pattern is becoming structural and the cost is paid by everyone, not just IIS operators.