-
SQL Injection has been around for many years :) and you probably get over 3 million results when you googled the term. so why is it so HOT now? Well, not so long ago some folks (don't ask me who!!, go read) were claiming that it was an IIS exploit, etc. Hence, all IIS web servers are subjected to...
-
Well, for last month we got zero new IIS KB articles, yet few are related to IIS in certain way. 941850 When you try to access files on a WebDAV site that uses only Digest authentication, the process may fail on a Windows Vista-based computer 942039 FIX: Visual Studio 2005 incorrectly creates a subfolder...
-
The Microsoft Patterns & Practices team just published a beta copy of Improving Web Service Security for WCF or code name Indigo last week. This is another great playbook from the team that gives us many great guides and practices in using Microsoft technologies. If you are into Indigo, this is a...
-
Damn! I love this blog post from Thomas , and you can easily noticed that IIS team has put lot of effort in shared hosting environment, from shared to delegated configuration, and all the way to process model improvements. The dynamicIdleThreshold for example is a fantastic feature for shared hosting...
-
Years ago, I wrote the KB on passive port range at MSKB site - How To Configure PassivePortRange In IIS http://support.microsoft.com/?id=555022 Lazy to update the article for IIS 7.0 FTP detail, and I'm not going to add that here :) Coz you can get it from Microsoft Support Team - http://blogs.msdn...
-
Microsoft revised two security bulletins yesterday. One of which is related to .Net Framework published last year , not major update or new fixes but rather doc updates on changes related to releases of WinXP SP3. On the other hand, in the recent Hack in the Box conference in Dubai, a new exploit in...
-
948801 If an SMTP connector set the Outbound Security option to "Integrated Windows Authentication," the SMTP connector does not work in the IIS Metabase when you restore an Exchange Server 2003 server by using a Disaster Recovery mode 949455 System Center Operations Manager 2007 Reporting...
-
Oh well, been busy and no time to post this back then. In the routine patch Tuesday this month, Microsoft released 8 security bulletins with 5 of which in critical severity and one specific bulletin is related to IIS in a way. The 08-022 actually replaced the old fixes in 2006. Summary: This security...
-
Today, Microsoft released a major revision for a vulneribility reported last year on .Net Framework. If you running framework version 1.0, 1.1 and 2.0. Please apply the fix asap. Take note that even you are running 3.0, it is essentially using .Net Framework 2.0 runtime with extra bonus feature like...
-
Wow, what can I say? The IIS product team is really spending lot of effort you give you the best experience for IIS 7.0. Today, they released technical preview one for the brand new administration pack! you can take this as UI addon to various configuration in IIS 7.0 with some added features for you...