Microsoft Security Advisory 971492 this may help
If you have received this Security Alert 971492 and you wish to verify whether your IIS 6.0 Web Servers have the Webdav Extension enabled, then please see below for a useful script which you can run across your environment. Please of course test this in a pre-production environment prior to deployment in your live production environment.
cscript adsutil.vbs get w3svc/WebSvcExtRestrictionList –s:ServerName
"0,<windir>\system32\inetsrv\httpext.dll,0,WEBDAV,WebDAV" means webdav is disabled,
"1,<windir>\system32\inetsrv\httpext.dll,0,WEBDAV,WebDAV" means webdav is enabled