Article ID: 811114 - Last Review: November 7, 2007 - Revision: 7.6

MS03-018: May 2003 cumulative patch for Internet Information Services (IIS)

View products that this article applies to.

On This Page

Expand all | Collapse all

SYMPTOMS

Microsoft has released a cumulative patch for Internet Information Server (IIS) 4.0, Internet Information Services (IIS) 5.0, and IIS 5.1. This patch includes the functionality of all security patches that have been released for IIS 4.0 since Windows NT 4.0 Service Pack 6a (SP6a), all security patches that have been released for IIS 5.0 since Windows 2000 Service Pack 2 (SP2), and all security patches that have been released for IIS 5.1. Additionally, this patch includes fixes for the following newly discovered security vulnerabilities that affect IIS 4.0, 5.0, and 5.1:
  • A cross-site scripting (CSS) vulnerability that affects IIS 4.0, 5.0, and 5.1. This vulnerability involves the error message that is returned to advise that a requested URL has been redirected. An attacker who lures a user to click a link on the attacker's Web site could relay a request that contains a script to a third-party Web site running IIS. This request could cause the third-party site's response (still including the script) to be sent to the user. The script could then run by using the security settings of the third-party site instead of the security settings of the attacker's site.
  • A buffer overrun that results because IIS 5.0 does not correctly validate requests for specific types of Web pages that are known as server-side includes. An attacker would have to be able to upload a server-side include page to a vulnerable IIS server. If the attacker then requests this page, a buffer overrun might occur. This buffer overrun would permit the attacker to run the code of his or her choice on the server with user-level permissions.
  • A denial of service vulnerability that results because of a flaw in the way that IIS 4.0 and 5.0 allocate memory requests when they construct headers to be returned to a Web client. An attacker would have to be able to upload an ASP page to a vulnerable IIS server. When the attacker calls to this ASP page, the page tries to return a very large header to the calling Web client. Because IIS does not limit the memory that can be used in this case, this might cause IIS to run out of memory and fail.
  • A denial of service vulnerability that results because IIS 5.0 and 5.1 do not correctly handle an error condition when a WebDAV request that is too long is passed to them. An attacker could use this problem to cause IIS to fail. However, by default, both IIS 5.0 and 5.1 restart immediately after this failure.
Mitigating factors for Redirection Cross-Site Scripting:
  • IIS 6.0 is not affected.
  • The vulnerability can only be exploited if the attacker can lure another user to visit a Web page and then click a link on the Web page, or lure the user to open an HTML mail.
  • The destination page must be an ASP page that uses Response.Redirect to redirect the client to a new URL that is based on the incoming URL of the current request.
Mitigating factors for Server Side Include Web Pages Buffer Overrun:
  • IIS 4.0, IIS 5.1, and IIS 6.0 are not affected.
  • By default, the IIS Lockdown tool disables the Ssinc.dll mapping (http://technet.microsoft.com/en-us/library/dd450372.aspx (http://technet.microsoft.com/en-us/library/dd450372.aspx) ). This setting blocks this type of attack.
  • By default, IIS 5.0 runs under a user account and not under the system account. Therefore, an attacker who successfully exploited this vulnerability would gain only user level permissions instead of administrative level permissions.
  • An attacker must be able to upload files to the IIS Server.
Mitigating factors for Headers Denial of Service:
  • IIS 5.1 is not affected.
  • An attacker must be able to upload files to the IIS server.
  • IIS 5.0 automatically restarts after this failure.
Mitigating factors for WebDAV Denial of Service:
Back to the top

RESOLUTION

Hotfix information

Caution If you have an application that is running under IIS and the application extends the IIS metabase schema, installing the security rollup fix may remove these extensions and your application may not function correctly. To determine if a third-party application extends the metabase schema, contact the third-party vendor.

Some ProClarity products are known to be affected by this security rollup fix, including the following products:
  • ProClarity Enterprise Server 4.0 and later
  • ProClarity Analytics Server 5.0, 5.1, and 5.2
To resolve the issue BEFORE you install the security rollup, use one of the following options:
  • Create a backup of the metabase, install the security rollup fix, and then restore the metabase afterward. (Note that Microsoft does not recommend this because of possible compatibility issues.)

    For more information about how to create a metabase backup, click the following article number to view the article in the Microsoft Knowledge Base:
    302573  (http://support.microsoft.com/kb/302573/ ) How to back up and restore IIS
  • Install Microsoft Windows 2000 Service Pack 4 (SP4). Windows 2000 SP4 includes the security rollup.
  • Contact Microsoft Product Support Services to receive a hotfix that corrects this problem.
If you have already installed the security rollup fix, and you have a problem with your application that extends the IIS metabase schema, the application must re-extend the metabase schema. This may require reinstalling the product.
Back to the top

Service pack information

To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/ ) How to obtain the latest Windows XP service pack
Back to the top

Security patch information

For more information about how to resolve this vulnerability, click the following section names to view the sections of this article:

Internet Information Services 5.1

Download information

The following files are available for download from the Microsoft Download Center:

Windows XP Professional (all languages)
Collapse this imageExpand this image
Download
Download the 811114 package now. (http://microsoft.com/downloads/details.aspx?FamilyId=77CFE3EF-C5C5-401C-BC12-9F08154A5007&displaylang=en)
Windows XP 64-bit Edition (all languages)
Collapse this imageExpand this image
Download
Download the 811114 package now. (http://microsoft.com/downloads/details.aspx?FamilyId=86F4407E-B9BF-4490-9421-008407578D11&displaylang=en)
Release Date: May 28, 2003

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/ ) How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

This patch requires that you have already installed the 329115 patch. If 329115 is not present, client-side certificates will be rejected. You can restore this functionality by installing the 329115 patch. For more information about the 329115 patch, click the following article number to view the article in the Microsoft Knowledge Base:
329115  (http://support.microsoft.com/kb/329115/ ) MS02-050: Certificate validation flaw might permit identity spoofing
This patch requires the released version of Windows XP or Windows XP Service Pack 1 (SP1). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/ ) How to obtain the latest Windows XP service pack
Installation information

This patch supports the following Setup switches:
  • /? : Display the list of installation switches.
  • /u : Use Unattended mode.
  • /f : Force other programs to quit when the computer shuts down.
  • /n : Do not back up files for removal.
  • /o : Overwrite OEM files without prompting.
  • /z : Do not restart when installation is complete.
  • /q : Use Quiet mode (no user interaction).
  • /l : List installed hotfixes.
  • /x : Extract the files without running Setup.
To verify that the patch is installed on your computer, confirm that the following registry key exists:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\Q811114
Deployment information

To install the patch without any user intervention, use the following command line:
q811114_wxp_sp2_x86_enu /u /q
To install the patch without forcing the computer to restart, use the following command line:
q811114_wxp_sp2_x86_enu /z
Note You can combine these switches in one command line.

For information about how to deploy this patch by using Software Update Services, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/wsus/bb466201.aspx (http://technet.microsoft.com/en-us/wsus/bb466201.aspx)
Restart requirement

You do not have to restart your computer after you apply this patch. If a dialog box appears that states that you must restart your computer after you apply this patch, you can safely ignore it.

Removal information

To remove this update, use the Add/Remove Programs tool in Control Panel.

System administrators can use the Spunist.exe utility to remove this patch. Spuninst.exe is in the %Windir%\$NTUninstallQ811114$\Spuninst folder, and it supports the following Setup switches:
  • /? : Display the list of installation switches.
  • /u : Use unattended mode.
  • /f : Force other programs to quit when the computer shuts down.
  • /z : Do not restart when installation is complete.
  • /q : Use Quiet mode (no user interaction).
Patch replacement information

This patch replaces the patches that are discussed in the following Microsoft Knowledge Base articles:
327696  (http://support.microsoft.com/kb/327696/ ) MS02-062: October 2002 cumulative patch for Internet Information Services
321599  (http://support.microsoft.com/kb/321599/ ) MS02-028: Heap overrun in HTR-chunked encoding might enable Web server compromise
319733  (http://support.microsoft.com/kb/319733/ ) MS02-018: April 2002 cumulative patch for Internet Information Services
File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version        Size       File name     Platform
   --------------------------------------------------------------------
   21-Mar-2003  22:14  5.1.2600.1181    340,992  Asp51.dll     i386
   08-Aug-2002  12:31                     2,411  Default.asp   i386
   21-Mar-2003  22:14  5.1.2600.1173    117,248  Ftpsv251.dll  i386
   21-Mar-2003  22:14  6.0.2600.1189    240,640  Httpext.dll   i386
   21-Mar-2003  22:14  5.1.2600.1172     55,296  Httpod51.dll  i386
   21-Mar-2003  22:14  5.1.2600.1152    129,536  Iische51.dll  i386
   21-Mar-2003  22:14  6.0.2600.1167    242,176  Infocomm.dll  i386
   21-Mar-2003  22:14  6.0.2600.1182     65,024  Isatq.dll     i386
   21-Mar-2003  22:14  6.0.2600.1167     10,752  Lonsint.dll   i386
   08-Aug-2002  12:31                    19,224  Query.asp     i386
   08-Aug-2002  12:31                     6,527  Search.asp    i386
   17-Dec-2002  23:03  5.1.2600.1152     11,264  Spiisupd.exe  i386
   21-Mar-2003  22:14  5.1.2600.1152     40,448  Ssinc51.dll   i386
   21-Mar-2003  22:14  5.1.2600.1166    340,992  W3svc.dll     i386

   21-Mar-2003  22:14  5.1.2600.1181  1,057,792  Asp51.dll     IA64
   08-Aug-2002  12:32                     2,411  Default.asp
   21-Mar-2003  22:14  5.1.2600.1173    289,792  Ftpsv251.dll  IA64
   21-Mar-2003  22:14  6.0.2600.1189    934,400  Httpext.dll   IA64
   21-Mar-2003  22:14  5.1.2600.1172    144,384  Httpod51.dll  IA64
   21-Mar-2003  22:14  5.1.2600.1152    155,136  Iische51.dll  IA64
   21-Mar-2003  22:14  6.0.2600.1167    669,696  Infocomm.dll  IA64
   21-Mar-2003  22:14  6.0.2600.1182    186,368  Isatq.dll     IA64
   21-Mar-2003  22:14  6.0.2600.1167     29,696  Lonsint.dll   IA64
   08-Aug-2002  12:32                    19,224  Query.asp
   08-Aug-2002  12:32                     6,527  Search.asp
   18-Dec-2002  00:05  5.1.2600.1152     24,064  Spiisupd.exe  IA64
   21-Mar-2003  22:14  5.1.2600.1152     96,768  Ssinc51.dll   IA64
   21-Mar-2003  22:14  5.1.2600.1166    921,088  W3svc.dll     IA64
The following files are included to support the installation of the patch:
   Date         Time   Version   Size     File name     Platform
   -------------------------------------------------------------
   27-Feb-2002  19:58              4,092  Eula.txt      i386
   24-Mar-2003  17:38             11,508  Q811114.cat   i386
   21-Mar-2003  19:56  5.3.16.5   18,944  Spcustom.dll  i386
   21-Mar-2003  19:54  5.3.16.5    6,656  Spmsg.dll     i386
   21-Mar-2003  19:56  5.3.16.5   89,088  Spuninst.exe  i386
   21-Mar-2003  19:54  5.3.16.5  411,136  Update.exe    i386 
   21-Mar-2003  22:14              5,219  Update.inf    i386
   21-Mar-2003  22:14                936  Update.ver    i386

   11-Sep-2002  14:04              4,092  Eula.txt      IA64
   24-Mar-2003  17:38             11,508  Q811114.cat   IA64
   21-Mar-2003  19:55  5.3.16.5   52,736  Spcustom.dll  IA64
   21-Mar-2003  19:55  5.3.16.5    6,144  Spmsg.dll     IA64
   21-Mar-2003  19:55  5.3.16.5  214,528  Spuninst.exe  IA64
   21-Mar-2003  19:55  5.3.16.5  859,648  Update.exe    IA64
   21-Mar-2003  22:14              5,255  Update.inf    IA64
   21-Mar-2003  22:14                939  Update.ver    IA64
You can also verify the files that this patch is installed by reviewing the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\Q811114\Filelist

Internet Information Services 5.0

Download information

The following file is available for download from the Microsoft Download Center:

All languages
Collapse this imageExpand this image
Download
Download the 811114 package now. (http://microsoft.com/downloads/details.aspx?FamilyId=2F5D9852-4ADD-44F8-8715-AC3D7D7D94BF&displaylang=en)
Release Date: May 28, 2003

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/ ) How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

This patch requires that you have already installed the 329115 patch. If 329115 is not present, client-side certificates will be rejected. You can restore this functionality by installing the 329115 patch. For more information about the 329115 patch, click the following article number to view the article in the Microsoft Knowledge Base:
329115  (http://support.microsoft.com/kb/329115/ ) MS02-050: Certificate validation flaw might permit identity spoofing
This patch requires Windows 2000 Service Pack 2 (SP2) or Windows 2000 Service Pack 3 (SP3). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910  (http://support.microsoft.com/kb/260910/ ) How to obtain the latest Windows 2000 service pack
Installation information

This patch supports the following Setup switches:
  • /? : Display the list of installation switches.
  • /u : Use Unattended mode.
  • /f : Force other programs to quit when the computer shuts down.
  • /n : Do not back up files for removal.
  • /o : Overwrite OEM files without prompting.
  • /z : Do not restart when installation is complete.
  • /q : Use Quiet mode (no user interaction).
  • /l : List installed hotfixes.
  • /x : Extract the files without running Setup.
To verify that the patch is installed on your computer, confirm that the following registry key exists:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP4\Q811114
Deployment information

To install the patch without any user intervention, use the following command line:
q811114_w2k_sp4_x86_en /u /q
To install the patch without forcing the computer to restart, use the following command line:
q811114_w2k_sp4_x86_en /z
Note You can combine these switches in one command line.

For information about how to deploy this patch by using Software Update Services, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/wsus/bb466201.aspx (http://technet.microsoft.com/en-us/wsus/bb466201.aspx)
Restart requirement

You do not have to restart your computer after you apply this hotfix. The installer stops the correct services, applies the patch, and then restarts the services. However, if the installer cannot stop the services for any reason, you must restart your computer after Setup completes. If this behavior occurs, a message appears that prompts you to restart the computer.

Removal information

To remove this update, use the Add/Remove Programs tool in Control Panel.

System administrators can use the Spunist.exe utility to remove this patch. Spuninst.exe is in the %Windir%\$NTUninstallQ811114$\Spuninst folder. This utility supports the following Setup switches:
  • /? : Display the list of installation switches.
  • /u : Use unattended mode.
  • /f : Force other programs to quit when the computer shuts down.
  • /z : Do not restart when installation is complete.
  • /q : Use Quiet mode (no user interaction).
Patch replacement information

This patch replaces the patches that are discussed in the following Microsoft Knowledge Base articles:
327696  (http://support.microsoft.com/kb/327696/ ) MS02-062: October 2002 cumulative patch for Internet Information Services
321599  (http://support.microsoft.com/kb/321599/ ) MS02-028: Heap overrun in HTR-chunked encoding might enable Web server compromise
319733  (http://support.microsoft.com/kb/319733/ ) MS02-018: April 2002 cumulative patch for Internet Information Services
File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version        Size     File name
   --------------------------------------------------------
   26-Feb-2003  13:07  5.0.2195.6628  246,544  Adsiis.dll
   26-Feb-2003  13:07  5.0.2195.6672  337,168  Asp.dll
   22-Mar-2002  16:15                   2,413  Default.asp
   26-Feb-2003  13:07  5.0.2195.6628  118,032  Ftpsvc2.dll
   21-Mar-2003  22:16  5.0.2195.6692  246,544  Httpext.dll
   26-Feb-2003  13:07  5.0.2195.6667   57,104  Httpodbc.dll
   26-Feb-2003  13:07  5.0.2195.6664  122,128  Idq.dll
   26-Feb-2003  13:07  5.0.2195.6628  121,104  Iischema.dll
   26-Feb-2003  13:07  5.0.2195.6628   56,592  Iisext.dll
   26-Feb-2003  13:07  5.0.2195.6666   78,608  Iislog.dll
   20-Mar-2002  09:59                      30  Iisperf.txt
   26-Feb-2003  13:07  5.0.2195.6620  122,640  Iisrtl.dll
   26-Feb-2003  13:07  5.0.2195.6666  248,592  Infocomm.dll
   26-Feb-2003  13:07  5.0.2195.6666   62,736  Isatq.dll
   26-Feb-2003  13:07  5.0.2195.6620   46,352  Ism.dll
   26-Feb-2003  13:07  5.0.2195.6666   12,048  Lonsint.dll
   26-Feb-2003  13:07  5.0.2195.6620   26,896  Mdsync.dll
   24-Sep-2002  13:39  5.0.2195.6607    6,928  Perfvd.exe
   22-Mar-2002  16:15                  19,178  Query.asp
   22-Mar-2002  16:15                   5,571  Search.asp
   17-Oct-2002  17:00  5.0.2195.6611   13,072  Spiisupd.exe
   26-Feb-2003  13:07  5.0.2195.6624   41,232  Ssinc.dll
   26-Feb-2003  13:07  5.0.2195.6672  349,968  W3svc.dll
   26-Feb-2003  13:07  5.0.2195.6620   72,464  Wam.dll
The following files are included to support the installation of the patch:
   Date         Time   Version   Size     File name
   ---------------------------------------------------
   15-Nov-2001  19:27              5,149  Empty.cat
   01-Apr-2002  21:46              4,092  Eula.txt
   21-Mar-2003  23:18             14,231  Q811114.cat
   14-Mar-2003  15:51  5.3.16.5   18,944  Spcustom.dll
   14-Mar-2003  15:48  5.3.16.5    6,656  Spmsg.dll
   14-Mar-2003  15:51  5.3.16.5   89,088  Spuninst.exe
   14-Mar-2003  15:48  5.3.16.5  411,136  Update.exe
   21-Mar-2003  20:49             37,977  Update.inf
   21-Mar-2003  23:10              1,586  Update.ver
You can also verify the files that this patch installed by reviewing the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP4\Q811114\Filelist

Internet Information Server 4.0

Download information

The following file is available for download from the Microsoft Download Center:

All languages
Collapse this imageExpand this image
Download
Download the 811114 package now. (http://microsoft.com/downloads/details.aspx?FamilyId=1DBC1914-98E9-4DED-ADBF-E9B374A1F79D&displaylang=en)
Release Date: May 28, 2003

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/ ) How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

Microsoft Internet Information Server (IIS) is not intended for use on Windows NT Server 4.0, Terminal Server Edition, and is not supported. Microsoft recommends that customers who run IIS 4.0 on Windows NT Server 4.0, Terminal Server Edition, protect their systems by removing IIS 4.0.

This patch requires that you have already installed the 329115 patch. If 329115 is not present, client-side certificates will be rejected. You can restore this functionality by installing the 329115 patch. For more information about the 329115 patch, click the following article number to view the article in the Microsoft Knowledge Base:
329115  (http://support.microsoft.com/kb/329115/ ) MS02-050: Certificate validation flaw might permit identity spoofing
This patch requires Windows NT 4.0 Service Pack 6a (SP6a). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
152734  (http://support.microsoft.com/kb/152734/ ) How to obtain the Latest Windows NT 4.0 service pack
Installation information

This patch supports the following Setup switches:
  • /y : Perform removal (only with /m or /q ).
  • /f : Force programs to be closed at shutdown.
  • /n : Do not create an Uninstall folder.
  • /z : Do not restart when update completes.
  • /q : Use Quiet or Unattended mode with no user interface (this switch is a superset of /m ).
  • /m : Use Unattended mode with user interface.
  • /l : List installed hotfixes.
  • /x : Extract the files without running Setup.
To verify that the patch is installed on your computer, confirm that the following registry key exists:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\Q811114
Deployment information

To install the patch without any user intervention, use the following command line:
q811114i.exe /q
To install the patch without forcing the computer to restart, use the following command line:
q811114i.exe /z
Note You can combine these switches in one command line.

For information about how to deploy this patch by using Software Update Services, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/wsus/bb466201.aspx (http://technet.microsoft.com/en-us/wsus/bb466201.aspx)
Restart Requirement

To install this patch without restarting your computer, follow these steps:
  1. Stop all IIS services.
  2. Install the patch that contains the hotfix by using the /z switch.
  3. Restart the IIS services.
Removal information

System administrators can use the Hotfix.exe utility to remove this patch. Hotfix.exe is in the %Windir%\$NTUninstallQ811114$ folder, and it supports the following Setup switches:
  • /y : Perform removal (only with /m or /q ).
  • /f : Force programs to be closed at shutdown.
  • /n : Do not create an Uninstall folder.
  • /z : Do not restart when update completes.
  • /q : Use Quiet or Unattended mode with no user interface (this switch is a superset of /m ).
  • /m : Use Unattended mode with user interface.
  • /l : List installed hotfixes.
  • /x : Extract the files without running Setup.
Patch replacement information

This patch replaces the patches that are discussed in the following Microsoft Knowledge Base articles:
327696  (http://support.microsoft.com/kb/327696/ ) MS02-062: October 2002 cumulative patch for Internet Information Services
321599  (http://support.microsoft.com/kb/321599/ ) MS02-028: Heap overrun in HTR-chunked encoding might enable Web server compromise
319733  (http://support.microsoft.com/kb/319733/ ) MS02-018: April 2002 cumulative patch for Internet Information Services
File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version     Size     File name
   -----------------------------------------------------
   07-Mar-2003  19:58  4.2.785.1   214,544  Adsiis.dll
   07-Mar-2003  19:58  4.2.785.1   332,224  Asp.dll
   02-Apr-2001  20:55  4.0.2.4701  593,976  Fp4autl.dll
   07-Mar-2003  19:58  4.2.785.1    81,888  Ftpsvc2.dll
   07-Mar-2003  19:57  4.2.785.1    55,936  Httpodbc.dll
   13-Jul-2001  20:14  5.0.1782.4  193,296  Idq.dll
   07-Mar-2003  19:58  4.2.785.1    99,424  Iischema.dll
   07-Mar-2003  19:56  4.2.785.1    63,984  Iislog.dll
   07-Mar-2003  19:57  4.2.785.1   187,344  Infocomm.dll
   07-Mar-2003  19:56  4.2.785.1    47,936  Isatq.dll
   07-Mar-2003  19:56  4.2.785.1    29,520  Iscomlog.dll
   07-Mar-2003  20:00  4.2.785.1    54,560  Ism.dll
   07-Mar-2003  19:59  4.2.785.1    31,872  Mdsync.dll
   07-Mar-2003  20:01  4.2.785.1     9,680  Schmupd.exe
   07-Mar-2003  19:58  4.2.785.1    38,256  Ssinc.dll
   07-Mar-2003  19:58  4.2.785.1    25,360  Sspifilt.dll
   07-Mar-2003  19:57  4.2.785.1   231,616  W3svc.dll
   07-Mar-2003  19:57  4.2.785.1    88,032  Wam.dll
The following files are included to support the installation of the patch.
   Date         Time   Version        Size    File name
   -----------------------------------------------------
   19-Sep-2002  17:29  4.0.1381.7163  95,504  Hotfix.exe
   12-May-2003  21:27                 11,327  Hotfix.inf
Back to the top

STATUS

Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft products that are listed in the "Applies To" section. This problem was first corrected in Windows XP Service Pack 2.
Back to the top

MORE INFORMATION

For more information about this vulnerability, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/MS03-018.mspx (http://www.microsoft.com/technet/security/bulletin/MS03-018.mspx)
Customers who use Site Server must be aware that a previously documented issue that involves intermittent authentication errors affects this patch and a small number of other patches. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
317815  (http://support.microsoft.com/kb/317815/ ) Site Server logon problems occur after you apply certain Windows 2000 hotfixes
These patches do not include fixes for vulnerabilities that involve non-IIS products, such as the Microsoft FrontPage Server Extensions and Microsoft Index Server, although these products are closely associated with IIS and are typically installed on IIS servers. However, there is one exception. The fix for the vulnerability that affects Index Server is included in this patch because of the seriousness of the issue for IIS servers. (This vulnerability is discussed in Microsoft Security Bulletin MS01-033 (http://www.microsoft.com/technet/security/bulletin/MS01-033.mspx) .) At the time that this article was written, the Microsoft Security Bulletins that discuss these vulnerabilities are as follows:
Microsoft Security Bulletin MS02-053 (http://www.microsoft.com/technet/security/bulletin/MS02-053.mspx)

Microsoft Security Bulletin MS02-050 (http://www.microsoft.com/technet/security/bulletin/MS02-050.mspx)

Microsoft Security Bulletin MS01-043 (http://www.microsoft.com/technet/security/bulletin/MS01-043.mspx)

Microsoft Security Bulletin MS01-025 (http://www.microsoft.com/technet/security/bulletin/ms01-025.mspx)

Microsoft Security Bulletin MS00-084 (http://www.microsoft.com/technet/security/bulletin/ms00-084.mspx)

Microsoft Security Bulletin MS00-018 (http://www.microsoft.com/technet/security/bulletin/ms00-018.mspx)

Microsoft Security Bulletin MS00-006 (http://www.microsoft.com/technet/security/bulletin/ms00-006.mspx)
The fixes for the following vulnerabilities that affect IIS 4.0 are not included in the patch because they require administrative action instead of a software change. Administrators must make sure that they not only apply this patch, but also take the administrative action that is described in the following bulletins:
Microsoft Security Bulletin MS00-028 (http://www.microsoft.com/technet/security/bulletin/ms00-028.mspx)

Microsoft Security Bulletin MS00-025 (http://www.microsoft.com/technet/security/bulletin/ms00-025.mspx)

Microsoft Security Bulletin MS99-025 (http://www.microsoft.com/technet/security/bulletin/ms99-025.mspx) (this bulletin discusses the same issue as Microsoft Security Bulletin MS98-004) (http://www.microsoft.com/technet/security/bulletin/ms98-004.mspx)

Microsoft Security Bulletin MS99-013 (http://www.microsoft.com/technet/security/bulletin/ms99-013.mspx)
Back to the top
APPLIES TO
  • Microsoft Internet Information Services version 5.1
  • Microsoft Internet Information Server 4.0
Back to the top
Keywords: 
kbhotfixserver kbqfe atdownload kbwinxpsp2fix kbwinnt400presp7fix kbwinxppresp2fix kbwin2000presp4fix kbsecvulnerability kbsecurity kbsecbulletin kbqfe kbfix kbbug KB811114
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations