Comment Re:Windows only (Score 3, Informative) 160
So are you only vulnerable if you use ISAPI ? It does look like that module is enabled by default though. I wonder why ?
Actually, according to the advisory, it seems you are only vulnerable if you actually load an ISAPI
"it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory"
Even so, it's probably a good idea to comment out mod_isapi if you're not actively using it.