This cumulative update includes all of the updates that have been released for Internet Information Server (IIS) 4.0 since the release of Windows NT® 4.0 Service Pack 5, including two new updates, and is discussed in Microsoft Security Bulletin MS01-044. Download now to keep IIS 4.0 updated with the latest security fixes.

This update eliminates two new security vulnerabilities:

• A denial of service vulnerability that could cause IIS 4.0 to stop responding. This vulnerability can be exploited by the "Code Red" worm.
• A buffer-overrun vulnerability that could allow a malicious user to run code on an affected computer.

For more information, including a list of the issues addressed in this update, read Microsoft Security Bulletin MS01-044. (This site is in English.)

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Click Windows NT Hotfix [See Q301625 for more information], and then click Add/Remove to uninstall.