MS17-016: Security Update for Windows IIS (4013074)
Medium Nessus Plugin ID 97741
SynopsisThe remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.