Security Update, May 14, 2001
This cumulative update includes all the updates that have been released for Internet Information Service (IIS) 5.0, including three new updates, and is discussed in Microsoft Security Bulletin MS01-026. Download now to update IIS 5.0 with the latest security fixes.
This update eliminates three new vulnerabilities:
- A vulnerability that could enable a malicious user to run operating system commands on an affected server.
- A vulnerability that could allow a malicious user to enter a File Transfer Protocol (FTP) command, which can cause IIS 5.0 to fail. FTP is the protocol used for copying files to and from remote computer systems on a network.
- A vulnerability that can enable a malicious user to access a guest account using the FTP service.
For more information, including a list of the issues addressed in this update, read Microsoft Security Bulletin MS01-026. (This site is in English.)
System Requirements
This update applies to Windows 2000 computers running IIS 5.0.
How to Use
Restart your computer to complete the installation.
- Click Start, point to Settings, and then click Control Panel.
- Double-click Add/Remove Programs.
- Select Windows 2000 Hotfix (Pre SP3) [See Q293826 for more information], and then click Change/Remove to uninstall.