Check your speedThis patch eliminates security vulnerabilities in the Microsoft Internet Information Server. The vulnerabilities could allow a malicious Web site operator to misuse another Web site as a means of attacking users. This vulnerability, known as Cross-Site Scripting (CSS), results when Web applications don't properly validate inputs before using them in dynamic Web pages. If malicious Web site operators were able to lure a user to their site, and had identified a third-party Web site that was vulnerable to CSS, they could potentially use the vulnerability to ""inject"" script into a Web page created by the other Web site, which would then be delivered to the user. The net effect would be to cause the malicious user's script to run on the user's machine. The vulnerability can affect any software that runs on a Web server, accepts user input, and blindly uses it to generate Web pages. Microsoft recommends that all vendors check their products to see if any are affected by the vulnerability, and initiated a check of its own products, as well. Several features in IIS were found to be affected--some were found by Microsoft internal teams, and others were identified by customers--and this patch eliminates all of them.
Read the FAQ for more information.
Did you find this download useful?
9 out of 18 users found this download useful
People who downloaded this software also downloaded...
RIP Killer Popup Blocker 3.12
Keep your surfing private while stopping annoying pop-ups and Flash ads.
SolidShare 2.6.11
Connect anyone on your network to the Internet with one ISP account and one modem.
Stealth KeyLogger 4.9
Get reports on keystrokes, e-mails, instant-messenging discussions, and Web sites visited.
Signed Sealed & Delivered 1.1.4
Put your confidential information in a secure encrypted vault for transfer over the Web.
