microsoft internet information serv

microsoft internet information server
As you learned in chapter 3, internet information Server (iis) is microsoft's web server software. microsoft supplies iis with the versions of its windows server operating systems that are suitable for use in operting electronic commerce web sites.
In august 2001, microsoft faced an uncomfortable situation that many u.s. manufacturing companies have experienced with recalled, defective products. microsoft executives stood by at a news conference while a U.S. government official announced to reporters that there was a serious flaw in a microsoft product. the director of the FBI's National infrastructure protection center was warning reporters that the code red worm, which was spreading through the internet for the third time in as many weeks, was a serious threat to the continued operation of the internet.
many microsoft customers were outraged by these statements, noting that microsoft had issued more than 40 software patches in the first half of 2001 and 100 or more patches in each of several prior years. IIS users complained that keeping the software current was virtually impossible and called for microsoft to deliver software that was more secure when first installed.
many IIS users began to consider switching to other Web server software. Gartner,Inc., a major IT consulting firm, recommended to its clients that they seriously consider alternatives to IIS for their critical web server installations. many industry observers and software engineers agree that microsoft was a victim of its own success. it had created a very popular and complex software products, and the popularity of the software made it an attractive target for crackers-one worm could bring down many of the servers would not have all of the available security upgrades installed, combined to make it an irresistible target for a worm creator.
Microsoft has struggled to gain the confidence of large corporate IT departments. The company has worked hard to convince users that its operaing system software is reliable and trustworthy. For example, when microsoft introduced version 7 of IIS in 2008, it announced that its architecture had been changed so that userd could install only the modules they needed to reduce the software's attack surface.
The code red worm attack on its web server software was a major setback in its reputation-building effort. since that attack, a number of security weaknesses have been identified in IIS and patched by microsoft. The news reports that inevitably accompany these patches have created a continuing public relations issue for the company. you can review the microsoft safety & security center through the web links to see how microsoft deals woth ongoing concerns that its software is secure in the face of attacks that are both regular and frequent.