It looks like the hotfix released for MS01-016 (Malformed WebDAV Request Can
Cause IIS to Exhaust CPU Resources) replaces the same dll as MS01-014
(Malformed URL can Cause Service Failure in IIS 5.0 and Exchange 2000).
However, no mention is made on MS's site if the later release fixes the
problems discussed in the earlier bulletin.

So, either it does, and MS failed to mention it, or it doesn't, and applying
this fix will nullify the prior fix.

I haven't had a chance to determine which of these states are true, but I'll
be looking into it tonight or tomorrow. Just wanted to give a heads up.

Tod Beardsley Public Key Fingerprint
Tod_Beardsleydell.com 03FA 3798 4EE9 5227
(512) 725-2337 C979 4593 2679 2DAC
 Dell Online - Site Ops - System Administrator
  "Happiness is Mandatory!" - Friend Computer

----------------------------------------------------------------------------
Delivery co-sponsored by BindView Corporation
============================================================================
Are your security practices adequate enough to protect you from hackers and
crackers? How do you provide remote access to your users, enable e-mail
messaging, Internet sites and e-commerce activity, and at the same time
maintain security? Can you implement and administer the effective security
measures you need without doing battle with the people who need access to
your network?

Download FREE the latest Hurwitz Group Report, Management Controls:
Security Impact of IT Administration at <http://www.bindview.com/hurwitz3>
----------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]