Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched Posted on March 29, 2017 by Simon Steed Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0. The zero-day has been under attack since last July, the researchers said.