Steve Friedl posted the following to bugtraq this afternoon.
"There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").
So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.
Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability
http://unixwiz.net/techtips/ms971492-webdav-vuln.html
Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk."
