If you are running IIS 5.0 and haven't applied http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx I suggest doing so immediately as there is new malicious code in the wild taking advantage of it.  Microsoft is placing this at a severity level of critical.  For more information: http://www.microsoft.com/security/incident/download_ject.mspx