Comments on: Comments on 7463

Post number 7463

mecawilson — Fri, 04 May 2001 12:12:16 -0800

Security Threat! But only if your server's running... No crap. I love the Note on Microsoft's security bulletin for it's recent IIS 5.0 security flaw. Did anyone need to be told that?

By: chrish

chrish — Fri, 04 May 2001 12:21:00 -0800

One could argue that there would be certain instances where an OEM manufacturer could install IIS has a standard Windows 2000 distro, but the customer never use that particular service. I have an IMAP server on my machine which I have yet to upgrade despite security bulletins because the service is disabled.

By: jpoulos

jpoulos — Fri, 04 May 2001 13:08:11 -0800

"Warning: This MS product has been known to climb out of the package at night, install itself on your server, and give access to your network to all sorts of unseemly hacker-types. Upon purchase of Win2K server, please take the unopened box and bury deep in your back yard. Thank you for choosing Microsoft."

By: mathowie

mathowie — Fri, 04 May 2001 13:16:30 -0800

FYI: I patched this server on wednesday morning, when the patch was first released.

By: bkdelong

bkdelong — Fri, 04 May 2001 14:18:54 -0800

Yeah, the Chinese vs. US crap has slowed down significantly and now we're starting to see the Windows 2000 defacements roll in. Someone made it so easy to gain access to vulnerable machines, your mother could probably do it and this hole is so bad, Microsoft halted production of their "Service Pack 2" for Windows 2000 to include the fix. So patch up.