On the 17th of March 2003 Microsoft announced a patch to fix a security vulnerability at the centre of the Windows 2000 operating system. In this paper we will discuss a number of new attack vectors that we have discovered on the same operating system, including java based web servers and other non-WebDAV related issues in IIS.