Today, an IIS 5.0 to 6.0 security advisory was released:

Vulnerability in Internet Information Services Could Allow Elevation of Privilege

http://www.microsoft.com/technet/security/advisory/971492.mspx

If you’re using WebDAV on any version prior to 7.0 (where it was completely rewritten, and released as an add-on module after ), you’ll want to read the advisory, and take appropriate action.

Mitigating factors are listed in the advisory.