Ball State Server Breach Not Due to IIS Flaw

Ball State Server Breach Not Due to IIS Flaw

Ball State University network administrators now say that a computer security breach at the Muncie, Indiana school was due to misuse of an authorized Ball State user account and not to an exploit of a known zero-day privilege elevation vulnerability in Microsoft's Internet Information Services (IIS) web server, as was previously reported.

Microsoft issued a warning about the flaw earlier this week; the vulnerability affects IIS version 5 and 6.