humm don’t they call that 0dayz?
A server operated by the US Army has already been attacked via the security hole. If successfully exploited the loophole can give attackers control over a target machine. In an advisory, Microsoft called the flaw “critical” and has been telling customers to patch their computers in case they fall victim.

The flaw is present in servers running Windows 2000, up to and including service pack 3, and version 5.0 of Microsoft’s Internet Information Server (IIS) software.
It arises because of Microsoft’s implementation of a program called WebDAV that lets different people remotely manage what is on a net server.

more from the[url=http://news.bbc.co.uk/1/hi/technology/2860189.stm] BBC[/url]

---

Filed under: m$ - @ March 18, 2003 7:14 pm