[–] SquarebobSpongebutt 0 points 0 points (+0|-0) ago 

Look, my company still runs some 2003 but not for anything with internet access. But it is a 14 year old OS. If you are still running a 14 year old OS on mission critical and externally facing servers you got other problems.

[–] [deleted] 0 points 0 points (+0|-0) ago 



[–] 8623163? 0 points 0 points (+0|-0) ago 

To be fair, if you are still running Ubuntu 7.04, you have a bunch of unlatched vulnerabilities as well, I'd wager.


[–] derram 0 points 0 points (+0|-0) ago 

https://archive.is/cd4o5 | https://vgy.me/laQwwd.png :

WONTFIX: No patch for Windows Server 2003 IIS critical bug – Microsoft • The Register

'Microsoft will not patch a critical security hole recently found and exploited in IIS 6 on Windows Server 2003 R2 – the operating system it stopped supporting roughly two years ago. '

'Shodan.io – a search engine for internet-facing devices – has found hundreds of thousands of servers still using IIS 6.0, and about 20,000 machines using Windows Server 2003. '

'According to the latest data, the US leads the world in Server 2003 R2 systems online, with China a close second, and the pickings could be rich for canny operators. '

'The firm has made it its business to offer alternative patches for Microsoft flaws and this one is no exception. ', "The vulnerability in the IIS WebDAV component allows an attacker to run code remotely on a target system by sending in an overly large 'If' header entry in a PROPFIND request."

This has been an automated message.