This indicates an attack attempt to exploit a Remote Code Execution in IIS.
The vulnerability is due to a backdoor that stealthily monitor all HTTP requests and recognize specially formatted HTTP requests sent by the attacker. An attacker needs to gain access to the Windows system running the IIS server by some other means.
System Compromise: Remote attackers can execute arbitrary code within the context of the target system
Apply the most recent upgrade or patch from the vendor.