urlscan

About this tag
The urlscan tag on WindowsForum.com covers discussions about URLScan, a free security tool for Internet Information Services (IIS) that helps administrators block malicious requests based on custom rules. Content under this tag focuses on using URLScan as a workaround for vulnerabilities, such as the ASP.NET information disclosure issue addressed in Microsoft Security Advisory 2416728. Topics include configuring URLScan rules to block specific query strings, integrating it with IIS on Windows Server and client versions like Windows 7, and comparing it to the built-in Request Filtering feature. The tag is relevant for IT professionals and system administrators managing IIS security and applying Microsoft security advisories.
  1. News

    Security Advisory 2416728 - Workaround Update

    Hi everyone - We've updated Microsoft Security AdvisoryLink Removed due to 404 Error to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring. This can be done using URLScan, a free tool for Internet Information Services...
  2. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -

    Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...
Back
Top