Patch Repository

MS08-006 Bulletin Details
Bulletin ID MS08-006
Title Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)
Summary This important update resolves a privately reported vulnerability in Internet Information Services (IIS). A remote code execution vulnerability exists in the way that IIS handles input to ASP Web pages. An attacker who successfully exploited this vulnerability could then perform actions on the IIS server with the same rights as the Worker Process Identity (WPI). The WPI is configured with Network Service account privileges by default. IIS servers with ASP pages whose application pools are configured with a WPI that uses an account with administrative privileges could be more seriously impacted than IIS servers whose application pool is configured with the default WPI settings.
Knowledgebase 942830

List of Patches

S.No Patch Description Severity
1Security Update for Windows Server 2003 (KB942830)Important
2Security Update for Windows Server 2003 x64 Edition (KB942830)Important

Disclaimer: This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.