Steve Walker

**Name of the Vulnerable Software and Affected Versions** Windows IIS Server (affected versions not specified) **Description** The issue is related to insufficient access controls in the Windows IIS Server, which can be exploited by a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in Microsoft Exchange Server, which can be exploited by a remote attacker to elevate their privileges. This vulnerability is associated with insufficient access controls. There have been reports of this issue being actively exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.