Contents tagged with Security
-
Under what context does my code run on IIS?
Following up on my last two blogs, we continue to notice that folks have difficulty properly configuring IIS in a secure manner, because they tend to over-open the security of their system, giving privileges to both the "request identity" and the "process identity" that are above what are required for secure and reliable applications.
-
3 Years and 3 months
Windows Server 2003 and IIS6 released in March of 2003. Last week, we released a patch for asp.dll to fix our first vulnerability in over 3 years!