Invalid URL Vulnerability; IIS 5.0 Security Checklist

Learn about a new patch that covers the Invalid URL vulnerability in IIS 4.0, and discover Microsoft's new security checklist for IIS 5.0.

Allen Jones

September 12, 2000

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Patch For IIS 4.0 Invalid URL Vulnerability
Microsoft introduced a patch that covers an IIS 4.0 vulnerability that lets a malicious IIS user submit a URL containing invalid characters to the Web server. This submission, combined with certain events, causes the service to stop and creates a Denial of Service (DoS) condition. For more information, including a patch, go to Microsoft's TechNet Web site [http://www.microsoft.com/technet/security/bulletin/ms00-063.asp].

New IIS 5.0 Security Checklist Available
Microsoft recently released a new checklist that lets Web server administrators help secure a server running IIS 5.0. This checklist is similar to the popular IIS 4.0 checklist, although security policies simplify many registry settings. You can find the new checklist at Microsoft's TechNet Web site.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like