Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The part that makes this really nasty is it doesn't just impact webservers. IIS is highly leveraged by other Microsoft technologies, everything from WSUS to SMTP to Exchange to Sharepoint are affected. In my environment, I estimate that 3/4 of my servers are vulnerable.


It's not IIS. It's HTTP.SYS. New configs have Powershel remote or WinRM. They use http.Sys and are vulnerable.


Seems I'm wrong. Kernel cache has to be enabled explicitly and Powershell/WinRM don't do that. Whew.


We all dodged a bullet there.


They really should have made it clear that it's a mitigating factors and that most (some, many?) non-IIS uses wouldn't use kernel caching and thus be OK.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: