http://blogs.iis.net/davcox/archive/2006/07/21/3-years-and-3-months.aspxWindows Server 2003 and IIS6 released in March of 2003. Last week, we released a patch for asp.dll to fix our first vulnerability in over 3 years! It was kind of a sad day for the team (but one that we knew would come), because after IIS5, we committedenCommunityServer 2007 SP1 (Build: 20510.895)http://blogs.iis.net/davcox/archive/2006/07/21/3-years-and-3-months.aspx#1348545Sat, 22 Jul 2006 05:29:07 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1348545BernardWell, put it this way - consider only 1 vul after 3 years, IIS 6 is rocking and hopefully - this will be the only one :) <img src="http://blogs.iis.net/aggbug.aspx?PostID=1348545" width="1" height="1">