Microsoft Security Bulletin MS05-024

Microsoft has released 1 security bulletin for the month of May in its usual monthly roundup of security bulletins. Affected versions of Windows include Microsoft Windows 2000 Service Pack 3 and 4. Microsoft Windows Millennium Edition is also affected but the vulnerability is not critical therefore a patch is not being released. Patches are available for Microsoft Windows 2000 only.

Vulnerability Details:

A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute code. However, user interaction is required to exploit this vulnerability. This update resolves a newly-discovered, public vulnerability. A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user.

Download: Security Update for Windows 2000 (KB894320)

View: Microsoft Security Bulletin MS05-024 | Windows Update

Report a problem with article
Next Article

U.S. Army licenses Unreal Engine 3 technology

Previous Article

Appeals promised against Microsoft's word XML patent