Microsoft Downplays Zero-Day IIS Issue

2009-12-30T15:54:39
ID THREATPOST:1A6E8104AD0AF7E1996F306EF0FAE7AE
Type threatpost
Reporter Donald Sears
Modified 2018-08-15T13:49:08

Description

MS accepts there is an “inconsistency” in how IIS 6 handles semicolons in
URLs, but it denies that this lends itself to hacking attacks. Read the full article. [The Register]