Patch for Web Server File Request Parsing Vulnerability
Microsoft announced that a vulnerability in IIS 5.0 and IIS 4.0 lets malicious users use a malformed request that could include specific commands for the OS to request a file from the Web server. This vulnerability is restricted in what commands the malicious users can execute, but the vulnerability is significant and can cause major havoc on a Web server. Click here for more information about this vulnerability and a patch.
New IIS Knowledge Base Articles
Microsoft is now posting newly created and revised Knowledge Base articles online, sometimes even before TechNet subscribers receive them. This posting is a great way for administrators to keep up on the latest news. Click here to see the major categories list. Under Internet Technologies, you can find articles specifically targeting IIS, Microsoft FrontPage, Microsoft Commerce Server 2000, and other technologies. New IIS articles include