Watch for Windows 2000 Index Server Vulnerability

Last May, Microsoft acknowledged a serious flaw in its Windows 2000 server software that exposes any system running both Windows 2000 and Microsoft's Internet Information Services (IIs) 5.0 server to malicious hacking.

Because of a coding error in an extension that implements the Internet Printing protocol, a hacker may take full control of a vulnerable system. Windows 2000, Windows 2000 Advanced Server, and Windows 2000 Datacenter are all affected.

Security bulletins about this problem are available at

http://www.microsoft.com/technet/security/bulletin/MS01-023.asp
http://www.microsoft.com/technet/security/bulletin/MS01-025.asp
http://www.microsoft.com/technet/security/bulletin/MS01-026.asp

You'll find the patch at
http://www.microsoft.com/downloads/Release.asp?ReleaseID=29321

Service administrators wishing to ensure their servers are up-to-date on all security measures should check
http://www.microsoft.com/downloads/Release.asp?ReleaseID=24168