New Variant of .HTR Vulnerability in IIS Servers

Microsoft recently released a patch for Microsoft IIS 4.0 and 5.0 servers.

Allen Jones

February 12, 2001

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Microsoft recently released a patch for Microsoft IIS 4.0 and 5.0 servers that fixes a new variant of an old vulnerability. This vulnerability, which can occur only under rare conditions, lets attackers view files from the server for which Web users already have permissions and could potentially let users see an Active Server Pages (ASP) page's content. Users who have disabled HTR functionality aren't exposed to the new variant. For more information, including patch availability, go to Microsoft's Web site.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like