Those of you running your own servers, 2 important security patches are now out and need to be implemented to keep your server and users happy. One is a security roll-up package, and the other is a patch to keep your server from being used in a DoS attack.

Here's the gist of the 2 patches:

Q327696: Internet Information Services Security Roll-up Package
Download size: 2.6 MB, < 1 minute
This update addresses several newly discovered security vulnerabilities affecting Internet Information Services - IIS 5.0 with Windows 2000, as well as incorporating all previous updates for IIS. Download now to continue keeping your computer secure.

Q329834: Security Update - Windows 2000
Download size: 192 KB, < 1 minute
This update resolves the "Unchecked Buffer in PPTP Implementation Could Enable Denial of Service" security vulnerability in Windows 2000. Download now to prevent an attacker from disrupting service on a server that offers private networking and uses the PPTP protocol

As always, http://v4.windowsupdate.microsoft.com/en/default.asp is your friend

Outlook Express SP1:

A cumulative patch, here you go:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q331923