Overview

What is Microsoft IIS 5.0 Specialized Header Vulnerability Patch?

eliminates a security vulnerability in IIS (Internet Information Server) which could, under certain conditions, cause a Web server to send the source code of certain types of Web files to a visiting user.

In depth

A closer look at Microsoft IIS 5.0 Specialized Header Vulnerability Patch

If an IIS server receives a file request that contains a specialized header as well as one of several particular characters at the end, the expected ISAPI (Internet Server Application Program Interface) extension processing may not occur. The result is that the source code of the file would be sent to the browser.

It is important to note that normal security recommendations militate strongly against ever including sensitive information in ASP files. If these recommendations are followed, there is no sensitive information to compromise.

The specialized header at issue here cannot be created via a standard Internet browser, so the request would need to be created by an alternate method.

Verdict

Should you download Microsoft IIS 5.0 Specialized Header Vulnerability Patch?

Microsoft IIS 5.0 Specialized Header Vulnerability Patch runs on Windows 2000 and is available under the Freeware license — the installer is 323 KB. We’ve catalogued it under Servers.

Verified clean. Every Microsoft IIS 5.0 Specialized Header Vulnerability Patch build on SoftLookup is scanned for viruses, spyware, adware, trojans and backdoors. We re-test on every update.