Microsoft Windows NT Server Home   All Products  |   Support  |   Search  | Home  
  Windows Home Pages  |   Downloads  |   Support  |   Sitemap  |
Enter a search phrase:
Windows NT Server 4.0 | Downloads

Security Update, November 10, 2000

Select your language from the drop-down list below and click Next.


Read Me First

This update resolves the "Web Server File Request Parsing" security vulnerability in Internet Information Server (IIS) 4.0. When a Web server that is running IIS receives a request for a file, it passes the name of the file to the operating system for processing. If a malicious user combines a request for a .cmd or .bat file with operating system commands in a particular way, IIS improperly passes both the file request and the commands to the operating system. This could allow the malicious user to run commands directly on the Web server. Download now to prevent a malicious user from modifying Web pages, adding, changing, or deleting files by sending malformed file requests.

Note This update has been revised as of November 20, 2000. Microsoft recommends that you install this version of the update.

For more information about this vulnerability, please read Microsoft Security Bulletin MS00-086.

System Requirements

This update applies to Internet Information Server 4.0

How to download and install

  1. Select your language from the drop-down list above.
  2. Click Next.
  3. Follow the instructions on your screen.

Note Some languages also include a symbols package for this update. Recommended for system administrators and other advanced users, the symbols package is used for diagnosing Windows NT® 4.0 system problems and is not required for proper operation of your computer.

How to use

Restart your computer to complete the installation.

How to uninstall

  1. Click Start, point to Settings, and then click Control Panel.
  2. Double-click Add/Remove Programs.
  3. Select Windows 4.0 Hotfix [See Q277873 for more information] and click Add/Remove to uninstall.

 Last Updated: Tuesday, April 03, 2001
 © 2001 Microsoft Corporation. All rights reserved. Terms of Use.