05.148.2003 - MS03-007: Unchecked Buffer In Windows Component Could Cause Server Compromise (815021)

Microsoft originally released this article March 17, 2003. At that time, Microsoft was aware of a publicly available exploit that was being used to attack Windows 2000 Servers running IIS 5.0. The attack vector in this case was WebDAV although the underlying vulnerability was in a core operating system component, Ntdll.dll. Microsoft issued a patch to protect Windows 2000 customers shortly afterwards, but also continued to investigate the underlying vulnerability. Windows NT 4.0 also contains the underlying vulnerability in Ntdll.dll, however it does not support WebDAV and therefore the known exploit was not effective against Windows NT 4.0. Microsoft has now released patches for Windows NT 4.0. Additionally, Microsoft recently learned of this vulnerability in Windows XP. However, like Windows NT 4.0, Windows XP does not install Internet Information Services (IIS) by default. On May 28, 2003, Microsoft released a patch for Windows XP and Windows XP Service Pack 1. - View Knowledge Base Article 815021 - View Microsoft Security Bulletin MS03-007 - View Microsoft End User Security Bulletin - Visit Microsoft Corporation