Microsoft Corp. disclosed in May that an “extremely serious” flaw in an extension included in Windows 2000 could allow a malicious hacker to gain complete control of any computer running the Internet Information Services (IIS) 5.0 software built into that operating system.