I will be having the IIS servers I manage audited by a computer security company next week. The servers are very secure and I put a lot of time into keeping them that way. In anticipation of next week ...

Can someone give me/point me to some good information on how the security in IIS functions? I'm looking to work out when/where IUSR_SERVERNAME account is used, when a sep. indiviual user's account is ...

Cisco Talos links China-based UAT-8099 to IIS server attacks using BadIIS malware for regional SEO fraud, targeting Thailand ...

Microsoft Corp. is urging users of its Internet Information Server (IIS) software to install another patch, this time to plug three newly discovered security holes and correct errors made in a trio of ...

In a Tuesday blog item, Google posted results of an internal study that examines the types of Web servers that are most commonly being used to host malware and dish up browser exploits and drive-by ...

Microsoft on Tuesday confirmed that it is examining a critical vulnerability in older editions of Internet Information Services (IIS) server, a day after a hacker posted exploit code to the ...

The North Korean state-backed threat actor Lazarus Group has reinvented its ongoing espionage campaign by exploiting known vulnerabilities in unpatched Windows IIS Web servers to deploy its ...

Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. This folder is typically used by Microsoft's Internet ...

Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. The ...

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...