There is a flaw in the way in which nsiislog.dll processes incoming requests. A vulnerability exists because an attacker could send specially formed communications to the server that could cause IIS to fail or execute code on the user's system.
Microsoft Windows NT 4.0
Microsoft Windows 2000
Download locations for this patch