Affected Versions:
Microsoft IIS 5.1
Vulnerability description:
Microsoft Internet Information Services (IIS) is the network information server that ships with Microsoft Windows; it includes the HTTP service function.
IIS does not properly process basic directory authentication. By appending the NTFS stream name and stream type (:$i30:$INDEX_ALLOCATION) to the requested directory name, a remote attacker can bypass authentication and access protected directories.
<* Reference
http://secunia.com/advisories/40412/
http://marc.info/?l=bugtraq&m=127808488703742&w=2
http://www.us-cert.gov/cas/techalerts/TA10-257A.html
http://www.microsoft.com/technet/security/bulletin/MS10-065.mspx?pf=true
*>
Test method:
http://victim.com/secretfolder:$i30:#index_allocation/
Sebug security suggestions:
Vendor patch:
Microsoft
---------
Microsoft has released a Security Bulletin (MS10-065) and patches for this issue:
MS10-065: Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (2267960)
Link: http://www.microsoft.com/technet/security/bulletin/MS10-065.mspx?pf=true
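Detection example (added here, not part of the original advisory or of any vendor tooling): a Python scan of IIS W3C extended logs for requests whose path carries NTFS stream syntax such as :$i30:$INDEX_ALLOCATION. It goes slightly beyond the case above by matching any name:stream:$TYPE suffix, including percent-encoded forms. The log lines, IP addresses and the names find_stream_requests and SAMPLE_LOG are constructed for illustration.

```python
import re
from urllib.parse import unquote

# NTFS stream syntax inside one URL path segment:
#   <name>:<stream name>:$<STREAM_TYPE>   e.g. dir:$i30:$INDEX_ALLOCATION
STREAM_RE = re.compile(r"[^/]:[^/:]*:\$[a-z_0-9]+", re.IGNORECASE)

# Constructed sample in W3C extended log format (not real traffic).
SAMPLE_LOG = """#Software: Microsoft Internet Information Services 5.1
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2010-09-15 10:01:02 192.0.2.10 GET /secretfolder/ - 401
2010-09-15 10:01:09 192.0.2.10 GET /secretfolder:$i30:$INDEX_ALLOCATION/ - 200
2010-09-15 10:02:11 192.0.2.44 GET /secretfolder%3A%24i30%3A%24INDEX_ALLOCATION/index.htm - 200
2010-09-15 10:03:00 198.51.100.7 GET /docs/report:final.htm - 404
"""

def decode_path(path, rounds=3):
    """Percent-decode until stable (bounded) so %3A / %24 forms are caught."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def find_stream_requests(log_lines):
    """Return (client_ip, decoded_path, status) for every request whose path
    contains NTFS stream syntax. Columns are located via the #Fields header."""
    fields, hits = [], []
    for line in log_lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names for following rows
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        path = decode_path(row.get("cs-uri-stem", ""))
        if STREAM_RE.search(path):
            hits.append((row.get("c-ip"), path, row.get("sc-status")))
    return hits

if __name__ == "__main__":
    for ip, path, status in find_stream_requests(SAMPLE_LOG.splitlines()):
        print(f"{ip} requested {path} -> {status}")
```

A 200 response for a directory that answers 401 without the stream suffix is the entry to triage first.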