IIS 4.0 Crashes or IIS 3.0 Generates Corrupted Log Data for HTTPS

This article was previously published under Q190143
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:For more information about IIS 7.0, visit the following Microsoft Web site:
When HTTPS connections are used, the following may occur:

  • Internet Information Server (IIS) 4.0 maystop responding (crash) when it receives an invalid SSL3 package.
  • IIS 4.0 may stop responding when a browser sends the packages in a certain order.
  • IIS 3.0 may generate a corrupted IIS log for the above situation,such as xxx.xxx.xxx.xxx (IP address), -, 6/30/98, 0:51:42, W3SVC, N004B2I0300,, 594, 23, 203, 404, 3, A[ASCII174]JVh[ASCII 154], U[ASCII 227]#[ASCII 243]LI&u[ASCII 129]_%[ASCII 225][ASCII129]&[ASCII 215][ASCII 136], -,
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
152734 How to Obtain the Latest Windows NT 4.0 Service Pack

Microsoft has confirmed this to be a problem in Internet InformationServer versions 3.0 and 4.0. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.
sp hot fix qfe iissecurity iisgeneral ntsecurity

Article ID: 190143 - Last Review: 10/26/2013 13:42:00 - Revision: 6.0

  • Microsoft Internet Information Server 3.0
  • kbnosurvey kbarchive kbhotfixserver kbqfe kbbug kbfix KB190143