OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Reed, Mike (Mike.ReedCWUSA.COM)
Date: Mon Aug 13 2001 - 09:49:43 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    This info was sent to me by my Microsoft technical account manager. It is in
    no way a reply to Russ's messages, but it's germane to the issue so I
    thought I'd pass it along (though he did ask me to remove his name).

    Mike Reed
    NT Systems Engineer
    IBM Global Services - Cable & Wireless Account
    Vienna, VA

    ==============================================================

    There's been lots of speculation about whether Personal Web Server is
    affected by the Code Red worm. Here's some info that may help explain the
    situation:

    Personal Web Server can be installed on Win95, 98, Me or Windows NT 4.0
    workstations.

    Although it has some code in common with IIS 4.0, it is not IIS 4.0. In
    particular, one piece it lacks is the Index Sever ISAPI Extension.

    The vulnerability that the Code Red worm exploits (see security bulletin
    MS01-033) lies within the Index Server ISAPI Extension. Because PWS lacks
    this code, it is not vulnerable to the Code Red worm.

    There is no such thing as PWS on Windows 2000. If a customer has a web
    server on Windows 2000 -- even Windows 2000 Professional -- it's IIS 5.0,
    and is vulnerable to the Code Red worm.

    IIS 5.0 installs by default as part of Windows 2000 server products, but
    does not install by default on Windows 2000 Professional. There is,
    however, one exception -- if a Windows NT 4.0 Workstation is upgraded to
    Windows 2000 Professional and it has PWS installed, PWS will be upgraded to
    IIS 5.0.

    Regards,

    <Name removed by request>

    ============================================================================
    Delivery co-sponsored by Trend Micro, Inc.
    ============================================================================
    TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE

    If you are worried about email viruses, you need Trend Micro ScanMail for
    Exchange. ScanMail is the first antivirus solution that seamlessly
    integrates with the Microsoft Exchange 2000 virus-scanning API 2.0. ScanMail
    ensures 100% inbound and outbound email virus scanning and provides remote
    software management. Download a FREE 30-day trial copy of ScanMail and find
    out why it is the best:
    http://www.antivirus.com/banners/tracking.asp?si=8&BI;=240&UL;=/smex2000
    ============================================================================