Important: A new version of this update is now available. Microsoft recommends that you download Security Update, August 17, 2001, as it eliminates the vulnerability discussed in this update, and all known variants of the vulnerability.
The Index Server ISAPI (Internet Server Application Programming Interface) extension, the idq.dll file, which is installed as part of Index Server 2.0 in Windows NT 4.0, has an unchecked buffer (a temporary data storage area that has a limited capacity) in the code that handles incoming requests. A specially malformed request from a malicious user can cause the buffer to overflow. Doing so grants the malicious user Local System privileges, allowing him or her to take complete control of the Web server. This update eliminates the vulnerability by ensuring that the ISAPI extension checks input correctly.
Note: Although the functionality provided by idq.dll supports Index Server 2.0, idq.dll is installed with Internet Information Server (IIS) 4.0, and the vulnerability is present only when IIS 4.0 is running.
For more information about this vulnerability, read Microsoft Security Bulletin MS01-033.