Microsoft has released a cumulative patch for IIS 4 and 5 that fixes every known security hole. Including the one that we needed at work about 3 weeks ago, which causes the Code Red worm to crash IIS 4 servers that use URL redirection. Microsoft’s glacial response time has caused us to migrate to Apache, but I thought I’d mention it in case there’s anyone left who still has unpatched (or partially patched) Microsoft servers.
§
I am no longer accepting public comments on this post, but you can use this form to contact me privately. (Your message will not be published.)
§
firehose ‧ code ‧ music ‧ planet
© 2001-8 Mark Pilgrim