General 8066 Published by

Patch Available for "IIS Cross-Site Scripting" Vulnerabilities

Originally posted: August 25, 2000

Summary
=======
Microsoft has released a patch that eliminates security
vulnerabilities in Microsoft(r) Internet Information Server. The
vulnerabilities could allow a malicious web site operator to misuse
another web site as a means of attacking users.

Frequently asked questions regarding this vulnerability and
the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-060.asp

Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Server 5.0

Patch Availability
==================
- Internet Information Server 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24000
- Internet Information Server 5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23999