If you don't put IIS on your workstations by default, and keep local access to your IIS servers tight, then the risk is low in my eyes. Now fi you don't have those controls in place and mischeavous folks on your network with access, then risk is higher...
Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 ________________________________ From: James Rankin [mailto:[email protected]] Sent: Monday, April 06, 2009 5:00 AM To: NT System Admin Issues Subject: Windows vulnerability Is anybody worrying about/taking any action over this vulnerability? http://www.microsoft.com/technet/security/advisory/951306.mspx While MS says it is not aware of it being exploited, this fairly-recent ISC entry seems to hint otherwise http://isc.sans.org/diary.html?storyid=6010 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
