FYI: We just posted Microsoft Security Advisory 971492

imageActually this was last evening but in case you missed it here are the details from the MSRC blog:

This advisory contains information regarding public reports of a vulnerability in Microsoft Internet Information Services (IIS) that could allow Elevation of Privilege. Products affected are IIS 5.0, IIS 5.1, and IIS 6.0. The advisory contains guidance and workarounds that customers can use to help protect themselves. We will continue to monitor the situation and post updates to the advisory and the MSRC Blog as we become aware of any important new information.

At this time, we are not aware of any known attacks that attempt to use this vulnerability.

For more information see Microsoft Security Advisory 971492.

J.C. Hornbeck | Manageability Knowledge Engineer