Note - there are some issues that aren't IIS specific, but IIS can be a vector for attack. From memory there has been an ASP update, a DAV update and an SChannel update. Only the ASP issue is directly an IIS problem. But WebDAV and SChannel (via SSL/TLS) can be exploited via IIS.
Not to mention any .NET issues (remember that .NET ships with Windows Server 2003 and can also be enabled in IIS) Your best bet is to use MBSA to scan a particular machine. Cheers Ken ________________________________ From: Jim Majorowicz [[email protected]] Sent: Saturday, 30 May 2009 6:51 AM To: NT System Admin Issues Subject: RE: IIS 6.0 Update list Thanks Z. This was exactly what I was looking for. Trying to find those KB article numbers was like finding a needle in a haystack using the report features in WSUS 3.0… From: Ziots, Edward [mailto:[email protected]] Sent: Friday, May 29, 2009 5:02 AM To: NT System Admin Issues Subject: RE: IIS 6.0 Update list Go to http://www.microsoft.com/technet/security/current.aspx Put IIS 6.0 in the product to search, write down the KB articles listed for IIS 6.0 There is only 2 post Windows 2003 SP1 MS08-006 (KB942830) and MS06-034(KB917537) Then against your IIS 6.0 servers run the following command. Psinfo –h \\servername<file:///\\servername> | findstr /I “942830” And you will see something to this effect if its installed. 2/28/2008 Security Update for Windows Server 2003 (KB942830) Do the same for the MS06-034 Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected]<mailto:[email protected]> Phone:401-639-3505 ________________________________ From: Jim Majorowicz [mailto:[email protected]] Sent: Thursday, May 28, 2009 5:12 PM To: NT System Admin Issues Subject: IIS 6.0 Update list Where can I find a list of updates that may have affected IIS 6.0 and determine if and when they were applied to specific server? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
