ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Join the ZDNet Community

Resources Downloads

Download Now

Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060)


 License Free
Requirements Windows NT 4.0, Internet Information Server 4.0
Downloads 114 Limitations None
Publisher Microsoft File Size 473k
Date added 09 Nov 2000 Check your speed

Report a broken link

This patch eliminates security vulnerabilities in the Microsoft Internet Information Server. The vulnerabilities could allow a malicious Web site operator to misuse another Web site as a means of attacking users. This vulnerability, known as Cross-Site Scripting (CSS), results when Web applications don't properly validate inputs before using them in dynamic Web pages. If malicious Web site operators were able to lure a user to their site, and had identified a third-party Web site that was vulnerable to CSS, they could potentially use the vulnerability to ""inject"" script into a Web page created by the other Web site, which would then be delivered to the user. The net effect would be to cause the malicious user's script to run on the user's machine. The vulnerability can affect any software that runs on a Web server, accepts user input, and blindly uses it to generate Web pages. Microsoft recommends that all vendors check their products to see if any are affected by the vulnerability, and initiated a check of its own products, as well. Several features in IIS were found to be affected--some were found by Microsoft internal teams, and others were identified by customers--and this patch eliminates all of them.

Read the FAQ for more information.

Download Now

Did you find this download useful?
9 out of 18 users found this download useful


People who downloaded this software also downloaded...

RIP Killer Popup Blocker 3.12

Keep your surfing private while stopping annoying pop-ups and Flash ads.

More info +

Download


Email Privacy 3

Bypass your ISP's mail server and send e-mail directly to your recipient's mailbox.

More info +

Download


Mirramail Encrypted Email 3.0

Send messages using a complete e-mail program.

More info +

Download


My-iWallet 2

Protect your online log on using biometric authentication instead of passwords.

More info +

Download


Anti-Spam Guard 4

Secure your incoming and outgoing e-mails and delete junk files.

More info +

Download


Easy Login Assist 3.6

Manage your privacy data and log in to Web sites or applications automatically.

More info +

Download


DeVault Pro 2009 R6

Organize, backup, encrypt, and share all your files via secure digital vaults.

More info +

Download


LANwriter 1.0

Get an application for network CD/DVD writing, FTP and secure data publishing.

More info +

Download


eCipher Free 1.6

Encrypt and send secure e-mail easily.

More info +

Download


Cute Password Manager Pro 2008.1.3.9

Log into Web sites and fill forms with just a few mouse clicks.

More info +

Download



Download

Brocade File Insight 2.0

Brocade File Insight is a free Windows-based reporting utility that provides a quick and easy way to understand your SMB/CIFS network file environments.

  • Downloads: 2,300
  • Requirements: Microsoft 32-bit Windows Server 2003, XP Professional, or newer
  • License: Free Tool / Utility
  • Publisher: Brocade
  • Size: 0

Download Now

More In Security management


Google Chrome Special Report

All roads lead to Chrome

All roads lead to Chrome

Comment With its new browser, Google has finally taken its gaudy, chrome-plated, futuristic ray gun and pointed it straight at Microsoft's head

News Google to unveil open-source 'Chrome' browser

News Mozilla welcomes competition from Google's Chrome

More Special Reports

Sentry Posts Blog

Nasa hacker loses last-ditch appeal

Self-confessed Nasa hacker Gary McKinnon has lost his appeal to Home Secretary Jacqui Smith against extradition to the US. In an email sent to ZDNet.co.uk on Monday, McKinnon's... More

1 comment

Up to 1.7m MoD personal details missin...

The potential number of people affected by the the loss of a hard disk containing MoD details could be a high as 1.7 million, defence minister Bob Ainsworth told parliament on Monday. In... More

1 comment

Toshiba touts Quantum Key Distribution

Toshiba research scientists have developed a method of distributing quantum keys more efficiently, the company has claimed in a statement: "[Quantum Key Distribution -- ] QKD --... More

Post a comment

Featured Talkback

In association with Intel
It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.

By: RonaldWilkins

Read full story:
Deloitte: People are still weakest security link

DOWNLOAD

Security Essentials

Security Downloads

There are masses of security suites out there for small businesses. Here's a selection to get you started

Editor’s Rating
1 Norton 360™
2 AVG Anti-Virus Free Edition Rating: 10
3 PC Tools AntiVirus Free Edition
4 Kaspersky Internet Security

See All Software

In association with Symantec