From Microsoft: This cumulative update includes all the updates that have been released for Internet Information Service (IIS) 5.0, including three new updates, and is discussed in Microsoft Security Bulletin MS01-026. Download now to update IIS 5.0 with the latest security fixes.
A vulnerability that could enable a malicious user to run operating system commands on an affected server. A vulnerability that could allow a malicious user to enter a File Transfer Protocol (FTP) command, which can cause IIS 5.0 to fail. FTP is the protocol used for copying files to and from remote computer systems on a network. A vulnerability that can enable a malicious user to access a guest account using the FTP service.
This update eliminates three new vulnerabilities:
read more +