MS10-065: Vulnerabilities in Microsoft Internet Information Services (IIS) could allow remote code execution

INTRODUCTION

Microsoft has released security bulletin MS10-065. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update


Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues and additional information about this security update


The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.

  • 2124261 MS10-065: Description of the security update for Internet Information Services ASP: September 14, 2010
    Known issues in security update 2124261:

    • When you install security update 2124261 on a computer that is running Windows XP SP3 and that is not running IIS, the update may seem to install successfully. In this scenario, an entry is added to the Add or Remove Programs item in Control Panel. However, no files are installed on the computer. The files are not cached locally for use if IIS is enabled at a later date.
  • 2271195 MS10-065: Description of the security update for Internet Information Services CGI: September 14, 2010
    Known issues in security update 2271195:
    • The version of cgi.dll (7.5.7600.16385) that is released in Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 has an earlier version number than the version number of cgi.dll (7.5.7600.16632) that is released in security update 2271195. However, security update 2271195 is contained in cgi.dll version 7.5.7600.16385 that is released in the Service Pack. Therefore, no additional action is required by the user. 
  • 2290570 MS10-065: Description of the security update for Internet Information Services Infocomm: September 14, 2010
Properties

Article ID: 2267960 - Last Review: Jul 18, 2012 - Revision: 1

Windows 7 Enterprise, Windows 7 Home Basic, Windows 7 Home Premium, Windows 7 Professional, Windows 7 Ultimate, Windows Server 2008 R2 Standard, Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Datacenter, Windows Server 2008 Service Pack 2, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 Datacenter, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Server 2008 Standard, Windows Web Server 2008, Windows Web Server 2008, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 Datacenter, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Server 2008 Standard, Windows Web Server 2008, Windows Web Server 2008, Windows Vista Service Pack 2, Windows Vista Business, Windows Vista Business, Windows Vista Enterprise, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Home Premium, Windows Vista Starter, Windows Vista Starter, Windows Vista Ultimate, Windows Vista Ultimate, Windows Vista Enterprise 64-bit Edition, Windows Vista Enterprise 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Business 64-bit Edition, Windows Vista Business 64-bit Edition, Windows Vista Service Pack 1, Windows Vista Business, Windows Vista Business, Windows Vista Enterprise, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Home Premium, Windows Vista Starter, Windows Vista Starter, Windows Vista Ultimate, Windows Vista Ultimate, Windows Vista Enterprise 64-bit Edition, Windows Vista Enterprise 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Business 64-bit Edition, Windows Vista Business 64-bit Edition, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows Server 2003, Standard Edition (32-bit x86), Microsoft Windows Server 2003, Enterprise Edition (32-bit x86), Microsoft Windows Server 2003, Datacenter Edition (32-bit x86), Microsoft Windows Server 2003, Web Edition, Microsoft Windows Server 2003, Datacenter x64 Edition, Microsoft Windows Server 2003, Enterprise x64 Edition, Microsoft Windows Server 2003, Standard x64 Edition, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems, Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems, Microsoft Windows XP Service Pack 3, Microsoft Windows XP Home Edition, Microsoft Windows XP Professional

Feedback