The higher-rated of the two bulletins includes a patch that fixes four separate vulnerabilities in Microsoft's Internet Information Services (IIS) software. That alert, rated "important," addresses vulnerabilities that could make servers running the software vulnerable to a denial-of-service attack.
"We definitely want everyone who is running IIS 4.0, 5.0 and 5.1 to install the patch," said Microsoft program manager Stephen Toulouse. However, IIS 6 and Microsoft Windows Server 2003 are not affected by the flaws, he added.
|