dcsimg

Microsoft IIS Cumulative Patch Released

By ServerWatch Staff (Send Email)
Posted Apr 28, 2002


Microsoft recently released a cumulative patch for its Internet Information Services Web server software, which is available on Microsoft Windows XP, 2000, and NT 4.0 operating systems. The patch is cumulative in that it includes the functionality of all security patches released for Microsoft IIS 4.0 since Windows NT 4.0 Service Pack 6a, and all security patches released to date for IIS 5.0 and 5.1.

Additionally, the patch includes fixes for ten newly discovered security vulnerabilities affecting IIS 4.0, 5.0 and/or 5.1, the most serious of which could enable code of an attacker's choice to be run on a server. (Note: Beta versions of .NET Server after Build 3605 contain fixes for all of the vulnerabilities affecting IIS 6.0.) Microsoft recently released a cumulative patch for its Internet Information Services Web server software. The patch includes the functionality of all security patches released for Microsoft IIS 4.0 since Windows NT 4.0 SP-6a, and all patches released to date for IIS 5.0 and 5.1, as well as fixes for ten newly discovered security vulnerabilities.

Microsoft has issued a critical severity rating for the patch and highly recommends that customers using any of the affected products install the patch immediately. In fact, there have been reports of Microsoft managers issuing internal e-mails demanding all staff install the patch or be blocked from accessing the Internet (even when IIS is not enabled).

Below is a listing and download link for the IIS security patch courtesy of our partner site, CWSApps. Additional information on the IIS Security Patch (and download links) can be found at:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-018.asp


Forrest Stroud




Microsoft IIS Security Patches
CWSApps
Review
Version N/A Date 4/10/02
Rating Size N/A
Description The latest security vulnerability patches for Microsoft IIS
Downloads "Cumulative Patch for Internet Information Services" Patch (4/10/02)
Platforms Windows XP, Windows NT/2000
Status Free update patches for Microsoft Internet Information Services
Company Microsoft Corporation - Microsoft Current Security Bulletins

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.