We had several web servers hacked this week, on March 10-11, 2019. The intruders added dangerous asp/aspx/php files in numerous wwwroot directories, and they also gave "everyone" full control permission on files in these directories. (Based on logs, I think at least some of the hacking was done via ASP and PHP files on IIS.)
It looks like Microsoft has patched some major vulnerabilities this week, and I wonder if there is any way to determine if the hacking that I observed is related to those vulnerabilities?
https://www.darkreading.com/threat-intelligence/microsoft-patch-tuesday-64-vulnerabilities-patched-2-under-attack/d/d-id/1334141