Microsoft KB Archive/939373

= MS07-041: Vulnerability in Internet Information Services could allow remote code execution =

Article ID: 939373

Article Last Modified on 7/10/2007

-

APPLIES TO


 * Microsoft Windows XP Professional

-



INTRODUCTION
Microsoft has released security bulletin MS07-041. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:  Home users:

http://www.microsoft.com/protect/computer/updates/bulletins/200707.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms07-041.mspx





Known issue with this security update
Internet Information Services (IIS) 5.1 is an optional component in Microsoft Windows XP Professional Service Pack 2 (SP2). Windows Update offers this security update only if the IIS 5.1 component is installed on the computer.

If you download this security update from the Microsoft Download Center and manually try to install this security update on a Windows XP Professional SP2-based computer that does not have the IIS 5.1 component installed, you receive an error message. This error message indicates that a prerequisite is missing and that the security update will not be installed. This behavior is expected.

You can use the /quiet switch to suppress all messages.

Administrators should use one of the supported methods to verify that the installation is successful when they use the /quiet switch. Administrators should expect to receive error messages in the Kb939373.log file when the IIS 5.1 component is not installed.

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT WinXP

Keywords: kbexpertiseinter kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbpubtypekc KB939373

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.