Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

10.15.2003 - MS03-044: Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)



View Microsoft related news. A security vulnerability exists in the Help and Support Center function which ships with Windows XP and Windows Server 2003. The affected code is also included in all other supported Windows operating systems, although no known attack vector has been identified at this time because the HCP protocol is not supported on those platforms. The vulnerability results because a file associated with the HCP protocol contains an unchecked buffer.

An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, could execute code of the attacker’s choice in the Local Computer security context. The URL could be hosted on a web page, or sent directly to the user in email. In the web based scenario, where a user then clicked on the URL hosted on a website, an attacker could have the ability to read or launch files already present on the local machine.

- Download Windows Millennium Edition Patch
- Download Windows NT Workstation 4.0 SP6a Patch
- Download Windows NT Server 4.0 SP6a Patch
- Download Windows NT Server 4.0,Terminal Server Edition SP6 Patch
- Download Windows 2000 SP2 Patch
- Download Windows 2000 SP3 & SP4 Patch
- Download Windows XP SP1 Patch
- Download Windows XP 64-Bit Edition Patch
- Download Windows XP 64-Bit Edition Version 2003 Patch
- Download Windows Server 2003 Patch
- Download Windows Server 2003 64 bit Edition Patch
- View Microsoft Knowledge Base Article - 825119
- View Microsoft Security Bulletin
- View Microsoft End User Security Bulletin
- Visit Microsoft Corporation

NID: 1484 / Submitted by: TACKtech Team
Categories: Microsoft, Patches and Updates
Most recent Microsoft related news.
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........