JSI Tip 6474. How do I workaround the WebDAV vulnerability (Knowledge Base Article 815021)?

Microsoft Knowledge Base Article 816930 contains the following summary:

This article describes workarounds that you can use if you cannot successfully apply the security update that is discussed in the following Microsoft Knowledge Base article:

815021 MS03-007: Unchecked Buffer in Windows Component May Cause Web Server Compromise

Multiple workarounds are described in this article because enterprise system requirements and structures vary. Microsoft strongly encourages you to apply the security patch as soon as possible.

This article describes the following workarounds:

How to lock down or disable IIS if your computer does not require it
How to disable WebDAV if you do not require it
How to use the URL Buffer Size Registry tool
How to manually change the MaxClientRequestBuffer registry value if you require WebDAV
How to manually create a MaxClientRequestBuffer registry file for a single computer if you require WebDAV
How to deploy the MaxClientRequestBuffer registry file through Active Directory by using a Group Policy object

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.