This update resolves the "Malformed WebDAV Request Can Cause IIS to Exhaust CPU Resources" security vulnerability in Internet Information Services (IIS) 5.0, and is discussed in Microsoft Security Bulletin MS01-016. Download now to prevent a malicious user from temporarily disrupting your Web services.
This vulnerability exists because Web distributed authoring and versioning (WebDAV) incorrectly processes specially malformed requests. (WebDAV is a component of IIS 5.0 that enables users to add and manage content on a Web server remotely.) If a malicious user sends a stream of specially malformed requests to an affected server, the Central Processing Unit (CPU) usage will significantly increase, disrupting Web services for as long as the stream of malformed requests continues.