Microsoft Information for VU#789543
IIS decodes filenames superfluously after applying security checks
The vendor has not provided us with any further information regarding this vulnerability.
This vulnerability has characteristics very similar to VU#111677, which has been widely exploited. We very strongly encourage IIS administrators to update as quickly as possible.
If you have feedback, comments, or additional information about this vulnerability, please send us email.