One day after a security researcher published attack code for a flaw in Microsoft's IIS server software, Microsoft said it plans to patch the issue.
Microsoft also released a security advisory describing the problem and detailing technical workarounds that system administrators can implement while they're waiting for a patch. "We’re currently investigating the issue... and working to develop a security update," Microsoft said in a note on its Web site. " This update will be released once it reaches an appropriate level of quality for broad distribution."
Microsoft's next set of security patches is due Sept. 8. It's not clear if the company will be able to develop and test its IIS (Internet Information Services) patch in time for that update, however.
More: http://computerworld.com/s/article/9137399/
Microsoft also released a security advisory describing the problem and detailing technical workarounds that system administrators can implement while they're waiting for a patch. "We’re currently investigating the issue... and working to develop a security update," Microsoft said in a note on its Web site. " This update will be released once it reaches an appropriate level of quality for broad distribution."
Microsoft's next set of security patches is due Sept. 8. It's not clear if the company will be able to develop and test its IIS (Internet Information Services) patch in time for that update, however.
More: http://computerworld.com/s/article/9137399/