1) Description:

• A buffer overflow in a ntdll.dll function can be exploited through the WEBDAV service of IIS 5.0.This vulnerability is currently been widely exploited in the Internet.

2) Impact:

• Arbitrary execution of commands remotely in the operational system.

3) Fixes:

If it is possible, disable the WebDAV service by setting the registry key below to 1:

• HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\DisableWebDAV

Article: http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B241520