NATIONAL INFRASTRUCTURE PROTECTION CENTER (NIPC)
   INFORMATION SYSTEMS ADVISORY 99-015.1, MICROSOFT INTERNET INFORMATION
                             SERVER VERSION 4.0
                                      
   Microsoft has been developing workarounds and patches to close
   Microsoft Internet Information Server 4.0 vulnerabilities initially
   reported by EEYE and WIRED news. Microsoft has now completed and
   released a patch for IIS 4.0 addressing these vulnerabilities,
   available at http://www.microsoft.com/security/bulletins/ms99-019.asp.
   
   NIPC strongly recommends that relevant systems be checked and the
   updated patch be applied in place of earlier workarounds that may have
   been used. More information on these vulnerabilities and protection
   against them is available from either Microsoft or the Carnegie Mellon
   CERT ([1]http://www.cert.org).
   
   Please report information on and damage from exploits targeting these
   vulnerabilities to your local FBI office, the NIPC, or military or
   civilian computer incident response team, as appropriate. The NIPC
   Watch and Warning Unit can be reached at (202) 323-3204/5/6 from 6am
   to 11pm Washington, D.C. local time, or email (nipc.watch@fbi.gov).
   
                 [2]Back to Advisories, Alerts and Warnings

References

   1. http://www.cert.org/
   2. http://www.fbi.gov/nipc/nipcaaw.htm