"...The attacks, including Code Red and last week's
Nimda, have knocked out thousands of Web sites, and briefly
threatened to wreak havoc on the Internet earlier this summer.
They worked by wriggling in through known glitches in
Microsoft's Internet Information Server. The glitches could be
fixed by regularly downloading security patches from Microsoft Web
sites.
Microsoft Corp. denied that its Internet Information Server is
particularly vulnerable to attacks.
'Gartner's extreme recommendation ignores the fact that serious
security vulnerabilities have been found in all Web server products
and platforms,' Microsoft spokesman Jim Desler said. 'This is an
industrywide challenge.'"