Browse Site by Tags

All Tags » IIS News (RSS)

Showing related tags and posts across the entire site.

.NET
Access
Advisories
Advisories / Bulletins
Alerts
ANNOUNCEMENTS
Architecture
ASP.NET
Best Practices
Books
C#
Community
ConfigMgr 2007
ConfigMgr 2007 (SCCM)
Cool reading
Desarrollo de Software
DevCenter
Development
Digital Media
Downloads
Events
Exchange
Exchange Server 2007
Extenders
Flight Simulator
General
General Security
General Security News
Hardware
Humor
IIS News
Informations
Internet Explorer
Internet Explorer 7
kba
LINQ
Me
Media Center
Media Center PC's
Microsoft
Miscellaneous
MOSS2007
MS AJAX
MSDN
MVP
News
OpsMgr 2007
Other
performance
Personal
PowerShell
Products
Rant
Rants
Revealed
Sécurité
safety and privacy on the Internet
SBS
sbs 2008
SBS Blog
SBS03_Tips
SBS2003
Security
Security, safety and privacy on the Internet
Server
Sharepoint
Silverlight
Small Business Server
SoftDev
Software
SPPS03_Tips
Spyware
SQL Server
System Center
Technical stuff
Technology
Tips
Tools
Trivia
Updates
VB
virtualization
viruses and exploits
Vista
Visual Studio
Vulnerabilities
Vulnerabilities, viruses and exploits
WCF
Webcast
windows
Windows 7
Windows Mobile
Windows OS
Windows Server
Windows Server 2008
Windows Vista
Workflow
WPF
XNA
XP

Security Alert - Vulnerability in Internet Information Services Could Allow Elevation of Privilege

Two days ago, a new vulnerability was found in WebDav for IIS, although few have make a big deal out of it, personally I think the impact is 'quite' minimum or at least zero in my environment coz I got no WebDav at all :) LOL... anyway - here is the security advisory from Microsoft. To know more...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, May 20 2009
Filed under: IIS News, Community Info, IIS Links, IIS FAQs
Token Kidnapping - Fixed

A year ago... Cesar Cerrudo presented a serious vulnerability via evalvation of privilege involving the NetworkService or LocalService account specific to IIS worker process. Although Microsoft addressed this in April last year, but it was more towards workaround to get rid of the actual issue, and today...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Tue, Apr 14 2009
Filed under: IIS News, IIS KBs, IIS
Top 8 - Web 2.0 Security Threats

Got this from a mailing list - the top 8 security threats in Web 2.0 applications. 1. Insufficient Authentication Controls 2. Cross Site Scripting (XSS) 3. Cross Site Request Forgery (CSRF) 4. Phishing 5. Information Leakage 6. Injection Flaws 7. Information Integrity 8. Insufficient Anti-automation...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, Feb 18 2009
Filed under: IIS News, Community Info
IIS Insider - Zzz...

Errr.... 2 yrs ago I told you I wrote the last ever IIS Insider column for MS!!! Chris Adam back then even put up a notice to inform everyone. Believe me, the URL is valid back then.... after MS site reorg, yeah! happen every quarter you know :) so it got 'integrated' with 'technet',...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Thu, Jan 22 2009
Filed under: IIS News, IIS
IIS Insider - September 2006 Issue - Repost

IIS Insider: September 2006 By Bernard Cheah, IIS Insider is a monthly column designed to answer your questions on how to troubleshoot and make the most of Microsoft Internet Information Services (IIS). The example companies, organizations, products, domain names, e-mail addresses, logos, people, places...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, Jan 21 2009
Filed under: IIS News, IIS
Ping Ping Ping!!!

Yo yo yo.. happy 2009. Oops! 2 weeks late.. wtf Good news - Alive and kicking!!! !@$!#@%#@% Bad news - Freaking busy with work and life It is getting tougher with the current economy climate... is it bottom yet ? or the market still sinking slowly ? No worries, I'm NOOB when it comes to investment...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Tue, Jan 13 2009
Filed under: IIS News, Personal
How to Detect, Identify and Defend against SQL Injection?

SQL Injection has been around for many years :) and you probably get over 3 million results when you googled the term. so why is it so HOT now? Well, not so long ago some folks (don't ask me who!!, go read) were claiming that it was an IIS exploit, etc. Hence, all IIS web servers are subjected to...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, Jun 25 2008
Filed under: IIS News, IIS Links, IIS
IIS KBs - May 2008

Well, for last month we got zero new IIS KB articles, yet few are related to IIS in certain way. 941850 When you try to access files on a WebDAV site that uses only Digest authentication, the process may fail on a Windows Vista-based computer 942039 FIX: Visual Studio 2005 incorrectly creates a subfolder...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, Jun 11 2008
Filed under: IIS News, IIS KBs
Improving Web Service Security: WCF

The Microsoft Patterns & Practices team just published a beta copy of Improving Web Service Security for WCF or code name Indigo last week. This is another great playbook from the team that gives us many great guides and practices in using Microsoft technologies. If you are into Indigo, this is a...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, Jun 11 2008
Filed under: IIS News, Community Info, IIS Links
IIS 7 Shared Hosting Summary

Damn! I love this blog post from Thomas , and you can easily noticed that IIS team has put lot of effort in shared hosting environment, from shared to delegated configuration, and all the way to process model improvements. The dynamicIdleThreshold for example is a fantastic feature for shared hosting...

Posted to Server: Microsoft-IIS/7.0\r\n (Weblog) by qbernard on Wed, May 14 2008
Filed under: IIS News, Community Info, IIS Links

Page 1 of 22 (217 items) 1 2 3 4 5 Next > ... Last »

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.