allready fixed
That is, the floodgates were closed long ago: nobody has this feature enabled. There seems to be some disagreement at present about if it affects IIS5. Windows 2000 servers with IIS5 may still have Webdav running. If that is the case, those running their own web page in-house on Windows 2000 Server should turn off WebDav. Any other remnants who have deliberately exposed webdav to the public internet (a tiny and odd minority) can add urlscan (technet.microsoft.com/en-us/security/cc242650.aspx) to sanitise webdav requests.
Very few people expose their file systems to WebDav. Only a tiny tiny minority of those use WebDav to expose their file system to the public internet, and are potentially affected by this.