Proof-of-concept code for a new Microsoft zero-day stack overflow vulnerability was posted
Monday on exploit repository Milw0rm. The exploit is present in the file transfer protocol (FTP) module in Microsoft Internet Information Server (IIS) 5.0 and 6.0, the SANS Internet Storm Center said in a blog post
Monday. A Microsoft spokeswoman told SCMagazineUS.com that the company is investigating the vulnerability but is not aware of any in-the-wild exploits.