Security Update, May 14, 2001
This cumulative update includes all the updates that have been released for Internet Information Server (IIS) 4.0 since the release of Windows NT� 4.0 Service Pack 5, and three new updates, and is discussed in Microsoft Security Bulletin MS01-026. Download now to update IIS 4.0 with the latest security fixes.
This update eliminates three new vulnerabilities:
- A vulnerability that could enable a malicious user to run operating system commands on an affected server.
- A vulnerability that could allow a malicious user to enter a File Transfer Protocol (FTP) command, which can cause IIS 4.0 to fail. FTP is the protocol used for copying files to and from remote computer systems on a network.
- A vulnerability that can enable a malicious user to access a guest account using the FTP service.
For more information, including a list of the issues addressed in this update, read Microsoft Security Bulletin MS01-026. (This site is in English.)
System Requirements
This update applies to Windows NT 4.0 computers running IIS 4.0.
How to Use
Restart your computer to complete the installation.
- Click Start, point to Settings, and then click Control Panel.
- Double-click Add/Remove Programs.
- Select Hotfix for Q295534, and then click Change/Remove to uninstall.