Used Microsoft Malformed Web Form Submission Vulnerability Patch (IIS 5.0) for Windows? Share your experience and help other users.
Developer’s Description
The FrontPage Server Extensions (FPSE) ship with and are installed by default as part of IIS 4.0 and 5.0. The most familiar FPSE functions allow Web site and content management; however, FPSE also provides browse-time support functions. Among the functions included in the latter category are ones that help process Web forms that have been submitted by a user. A vulnerability exists in one of these functions. If a malicious user levied a specially-malformed form submission to an affected server, it would cause the IIS service to fail. The vulnerability does not provide the opportunity to misuse any of the FPSE administrative or content management functions.
To resume normal operation on an IIS 4.0 server, the operator would need to restart the service. In contrast, if an IIS 5.0 server were attacked via this vulnerability, the IIS service would, by default, automatically restart almost immediately. Although any Web sessions that were in progress at the time of the attack would be lost, the server would be able to accept new connections as soon as the service was restarted. FPSE is installed by default as part of IIS 4.0 and 5.0, but, in keeping with best practices, Microsoft recommends that they be disabled if not needed.
Used Microsoft Malformed Web Form Submission Vulnerability Patch (IIS 5.0) for Windows? Share your experience and help other users.
Explore More
Complete Cleanup
Trial version
EMCO Network Malware Cleaner
Trial version
Iron Password for Windows 8
Free
Crypto
Trial version
ForYourIrisOnly 32-bit
Trial version
ABM Net Protection
Free
VPN Lifeguard Portable
Free
Timeline
Trial version
Privacy Internet Eraser
Trial version
CC-CAM
Trial version
USB Locker
Trial version
