threatpost | Ryan Naraine | THREATPOST:5A63035EF0BF190E58422B3612EB679F
Sep 08, 2009 - 11:58 a.m.

Attackers Pounce on Microsoft FTP in IIS Vulnerability

EPSS: 0.974 (High), percentile 99.9%

Less than a week after the publication of exploit code for a gaping hole in the FTP Service in Microsoft Internet Information Services (IIS), attackers are launching what is described as “limited attacks” against Windows users.

Microsoft has updated its security advisory to warn of the new attacks and added new mitigation workarounds for businesses running IIS 5.0, 5.1, and 6.0.

In addition to the in-the-wild attacks, Microsoft warned that a new proof of concept has been published to demonstrate a denial-of-service attack on Windows XP and Windows Server 2003 with read access to the File Transfer Protocol (FTP) service.

“This does not require Write access,” the company warned.

Also, a new proof of concept allowing DoS was separately disclosed that affects the version of FTP 6 which shipped with Windows Vista and Windows Server 2008.

  • Customers should be aware that the Download Center has FTP 7.5 available for Windows Vista and Windows Server 2008. FTP 7.5 is not vulnerable to any of these exploits.

Earlier this week, Microsoft issued an advisory to confirm the severity of this vulnerability, which allows remote code execution on affected systems running the FTP service and connected to the Internet.
