A security researcher published attack code for a flaw in Microsoft’s IIS server software. The flaw lies in the FTP (File Transfer Protocol) software used by IIS. It’s considered to be a critical issue for users of the older IIS 5 product. Microsoft’s next set of security patches is due Sept. 8; it’s not clear if the company will be able to develop and test its IIS patch in time for that update. Microsoft also released a security advisory describing the problem and detailing technical workarounds that can be implemented.”]
Source: https://www.csoonline.com/article/2124319/after-code-released–ms-to-patch-iis-bug.html