The discovery of the first virus to exploit the file stream feature of Windows 2000 to infect PCs has provoked a fierce debate about the adequacy of antivirus software in combating such infection.

The W2K/Streams virus, an executable file virus that only affects Windows 2000 systems, has been described by antivirus vendors as more of interest as a ´proof of concept´ than a threat. Antivirus vendors have, however, updated their software to detect the virus.

Read more

Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Internet Information Server (IIS). The
vulnerability could enable a malicious user to prevent an affected
web server from providing useful service.

Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-063.asp

Affected Software Versions
==========================
- Microsoft Internet Information Server 4.0

Note: As noted above in "Issue", the root cause of this vulnerability
lies in Windows NT 4.0, and Microsoft recommends that customers
using Windows NT 4.0 consider applying the patch.

Patch Availability
==================
- Microsoft Windows NT 4.0 Workstation, Server and Server,
Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24079
- Microsoft Windows NT 4.0 Server, Terminal Server Edition: To be
released shortly

Microsoft has released a Hotfix Checking Tool for IIS 5.0.

This tool enables IIS 5.0 administrators to to ensure that their servers are up to date on all security patches. The tool can be run continuously or periodically, against the local machine or a remote one, using either a database on the Microsoft web site or a locally-hosted copy. When the tool finds a patch that hasn´t been installed, it can display or dialogue or write a warning to the event log.

Download

Microsoft has released a beta of Advanced Security Privacy for Internet Explorer 5.5