The latest Netcraft Survey of web servers has indicated that 45%
of IIS servers have .htr mapping enabled. Last month, Microsoft issued an advisory warning of a heap overrun vulnerability in IIS’ HTR handling which could yield remote system compromise.

Since HTR is now an antiquated scripting language, the advisory recommended that it be disabled if possible. But as this survey
has shown, few have heeded that warning, which begs the question of how many actually bothered to even install the patch. The
potential for a Nimda-like worm to take advantage of this and compromise massive numbers of systems is quite high. We don’t
want to stir up any hype, but it Is a remote root compromise so patch your IIS system immediately if you still haven’t.