Microsoft has ensured that attackers have exploited a vulnerability in the company’s Internet Information Services (IIS) software.

With this, the attackers can easily take over a server or conduct a denial of service attack is in the file transfer function.

However, Microsoft is still working on it to resolve the problem.

Meanwhile, a Microsoft advisory has directions for a workaround, including disabling various elements of the vulnerable FTP (File Transfer Protocol) service to upload and download files.
 
While addressing media, Alan Wallace, senior communications manager for Microsoft's security response communications team said, “Customers should be aware that the Download Center has FTP 7.5 available for Windows Vista and Windows Server 2008. FTP 7.5 is not vulnerable to any of these exploits.”

In a blog, Wallace wrote that Microsoft recommends IIS users enforce the workarounds offered in the Advisory under the Workaround segment for all other users.

At the beginning, Microsoft said it was inquiring vulnerability only with versions 5 and 6 of IIS.