Microsoft patched a couple of security holes this week, including:
IIS file viewers vulnerability
Microsoft has patched a vulnerability in its Site Server and Internet
Information Server (IIS) products that allows a malicious Web site visitor
to view files on the server, assuming that user already knows the name and
location of the files. For information on the fix, please check out the
Microsoft Knowledge Base article "Solution Available for File Viewers
Vulnerability".
Excel 97 virus warning vulnerability
Microsoft has released a patch that eliminates vulnerabilities in the Excel
97 virus warning mechanism. For more information and a downloadable fix,
please check out the Microsoft Knowledge Base article "Patch Available for
Excel 97 Virus Warning Vulnerabilities"