Select your language from the drop-down list below and
Read Me First
This update resolves the "Phone Book Service Buffer
Overflow" security vulnerability in Windows NT® 4.0. The Phone
Book Service that runs on Internet Information Server (IIS)
4.0 has an unchecked buffer (a temporary data storage area) in
the code that processes requests for phone book updates. A
specifically malformed HTTP request from a malicious user can
cause a buffer overflow in the Phone Book Service, which might
allow the malicious user to run unauthorized code on the
server, or cause the service to fail. Download now to prevent
a malicious user from running code to add, change, or delete
data on your Web server.
Note Web servers that do not have the Phone Book
Service installed are not at risk from this vulnerability.
For more information on this vulnerability, please read
Microsoft Security Bulletin MS00-094.
This update applies to:
- Windows NT 4.0 Server
- Windows NT 4.0 Server, Enterprise Edition
- Internet Information Server 4.0
How to download and install
- Select your language from the drop-down list above.
- Click Next.
- On the following page, click Download Now.
- Do one of the following:
- To start the installation immediately, select Run
this Program from its Current Location.
- To copy the download to your computer for installation
at a later time, select Save this Program to Disk.
- Click OK.
computer to complete the installation.
- Click Start, point to Settings, and then
click Control Panel.
- Double-click Add/Remove Programs.
- Select Windows 4.0 Hotfix [See Q276575 for more
information] and click Add/Remove to uninstall.