Aug 28, 2009
Following up on my last two blogs, we continue to notice that folks have difficulty properly configuring IIS in a secure manner, because they tend to over-open the security of their system, giving privileges to both the "request identity" and the "process...
0 comments
Tags: Securityprocess model
Jul 21, 2006
Windows Server 2003 and IIS6 released in March of 2003. Last week, we released a patch for asp.dll to fix our first vulnerability in over 3 years! It was kind of a sad day for the team (but one that we knew would come), because after IIS5, we committed...
1 comments
Tags: IIS6SecurityASP