Windows 2000 Exploits Published and Generalised

Further to our article on the widespread availability of WebDAV on Microsoft-IIS/5.0 sites, Roman Medina and Rafael Nunez have each published the sources to programs written to exploit the vulnerability.

Additionally, David Litchfield has produced a paper emphasizing that the problem is a core DLL in Windows 2000 that is possible to exploit without recourse to the published Microsoft-IIS WebDAV vulnerability.

Expert opinion is that no unpatched Windows 2000 machines are safe.

Netcraft's network exploration services may be useful for people managing large networks of Windows 2000 servers. In particular, we can report machines not yet rebooted since the availability of Microsoft's patch and determine availability of WebDAV functionality on those machines.

Please mail us if interested.