A number of incompetent tech journalists and bloggers have spun this story as an attack against a vulnerability in Microsoft’s IIS web server. This link explains what really happened. Which seems to be the following: read on
Good points. I’ve posted the headline with the note added exactly because it stunted me how incredibly bad for Microsoft this headline is. They may be innocent, but this must damage their reputation (further). Microsoft should make it their responsibility and help solve this. This is their chance to differentiate themselves from Apache/PHP, no?