微软近日披露其互联网信息服务（IIS）平台存在一个关键的远程代码执行漏洞，该漏洞对依赖Windows服务器进行网络托管的企业构成安全风险。 漏洞技术细节 该漏洞编号为CVE-2025-59282，影响处理全局内存的Inbox COM Objects组件，源于竞态条件（race condition）和释放后 ...

ESET researchers have discovered a set of previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software. Targeting both ...

It's not enough to get an IIS Web server up and running. You must also be able to manage the log files to track site utilization and user activity. Multiple options for logging user access activity ...

Microsoft PowerShell is a trusted tool for many information technology (IT) professionals managing Internet Information Services (IIS) web server farms with dozens or even hundreds of app pools. With ...

Continuing the theme from my previous column on the relative security of Internet Information Services (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember ...

Microsoft PowerShell is a trusted tool for many information technology (IT) professionals managing Internet Information Services (IIS) web server farms with dozens or even hundreds of app pools. With ...

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember, ...

The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. Microsoft ...

Microsoft IIS (Internet Information Server) is the Windows counterpart of Linux Apache server. It is the second most popular HTTP server in the world after Apache. IIS provides the following services: ...

Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. The ...