Security firms say the evidence is leading them to accept Microsoft’s explanation that its Internet Information Services server software doesn’t have an unknown vulnerability.
The Web attack that was stopped dead in its tracks on Friday when a Russian Web site was taken offline remained under investigation Monday by a host of security firms still puzzled over the method used to infect a number of Microsoft Internet Information Services servers.
But the evidence now is leading them to accept Microsoft’s explanation that the IIS 5.0 servers were hacked manually and that the server software doesn’t have an unknown vulnerability.
http://www.informationweek.com/story/showArticle.jhtml?articleID=22102487