Security Update, May 14, 2001
This cumulative update includes all the updates that have been released for Internet Information Server (IIS) 4.0 since the release of Windows NTŪ 4.0 Service Pack 5, and three new updates, and is discussed in Microsoft Security Bulletin MS01-026. Download now to update IIS 4.0 with the latest security fixes.
This update eliminates three new vulnerabilities:
- A vulnerability that could enable a malicious user to run operating system commands on an affected server.
- A vulnerability that could allow a malicious user to enter a File Transfer Protocol (FTP) command, which can cause IIS 4.0 to fail. FTP is the protocol used for copying files to and from remote computer systems on a network.
- A vulnerability that can enable a malicious user to access a guest account using the FTP service.
For more information, including a list of the issues addressed in this update, read Microsoft Security Bulletin MS01-026. (This site is in English.)
System Requirements
This update applies to Windows NT 4.0 computers running IIS 4.0.
How to Use
Restart your computer to complete the installation.
- Click Start, point to Settings, and then click Control Panel.
- Double-click Add/Remove Programs.
- Select Hotfix for Q295534, and then click Change/Remove to uninstall.