Microsoft IIS File Change Notification Local Privilege Escalation Vulnerability

Microsoft IIS File Change Notification Local Privilege Escalation Vulnerability

Solution:
Microsoft has released patches and an advisory to address this issue. Please see the references for more information.

Microsoft IIS 6.0

Microsoft Security Update for Windows Server 2003 (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=516ef8e8-3cb6 -4660-b771-3c7f66917a11&displaylang=en

Microsoft Security Update for Windows Server 2003 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=5a4a6083-8c67 -4403-8e20-7f2b82178124&displaylang=en

Microsoft Security Update for Windows Server 2003 x64 Edition (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=e24fb33c-67b9 -4ed4-9317-b5fd535d005a&displaylang=en

Microsoft IIS 7.0

Microsoft Security Update for Windows Vista (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=8c7018ec-ae80 -4a30-93fc-0f7386732514

Microsoft Security Update for Windows Vista for x64-based Systems (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=4de2fffc-5793 -4acf-98ee-1b801e59ae39&displaylang=en

Microsoft IIS 5.1

Microsoft Security Update for Windows XP (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=73d24fcf-bea9 -4b13-9f1c-4e068c53a4ae

Microsoft Security Update for Windows XP x64 Edition (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=103a6bc0-034a -443d-b1d4-81117820dcb2&displaylang=en

Microsoft IIS 5.0

Microsoft Security Update for Windows 2000 (KB942831)
http://www.microsoft.com/downloads/details.aspx?familyid=b24f34fb-40b9 -4aa5-b5ac-e3f0a6062753