Microsoft Internet Explorer HTML Help File Code Execution Vulnerability patch 6-8-2000

Advertisement
Advertisement

Microsoft has released a patch that eliminates a security vulnerability in the HTML Help facility that ships with Microsoft® Internet Explorer. Under certain conditions,the vulnerability could allow a malicious web site to take inappropriate action on the computer of a visiting user. The HTML Help facility provides the ability to launch code viashortcuts included in HTML Help files. If a compiled HTML Help (.chm) file were referenced by a malicious web site, it could potentially be used to launch code on a visiting users computer without the users approval. Such code couldtake any actions that the user could take, including adding, changing or deleting data, or communicating with a remote web site. A web site could only invoke an HTML Help fileif it resided on a UNC share accessible from the users machine, or on the users machine itself. A firewall that blocks Netbios would prevent the former case from being exploited. Adhering to standard security practices wouldprevent the latter. In addition, an HTML Helpfile could only be invoked if Active Scriptingwas permitted in the Security Zone thatthe malicious users site resides in. Thepatch eliminates the vulnerability by onlyallowing an HTML Help file to use shortcuts ifthe help file resides on the local machine.

Microsoft has released a patch that eliminates ...

 
  • Microsoft Internet Explorer HTML Help File Code Execution Vulnerability patch 6-8-2000
  • 5am Code
  • Windows 9X, ME, NT, 2K, 2003, XP, Vista
  • Freeware
  • 1 Kb
  • 308
  • Free
 
 

Review Microsoft Internet Explorer HTML Help File Code Execution Vulnerability patch 6-8-2000

  • captcha
 


Utilities - Other software of 5am Code

  • 2007 Microsoft Office Suite Service Pack 1  v.1.0The 2007 Microsoft Office suite Service Pack 1 delivers important customer-requested stability and performance improvements, while incorporating further enhancements to user security. This service pack also includes all of the updates released for ...
  • 2007 Office System Converter: Microsoft Filter Pack  v.1.0Will install and register IFilters with the Microsoft Windows Indexing Service.The package will install and register IFilters with the Microsoft Windows Indexing Service. These IFilters are used by Microsoft Search products to index the contents of ...


Utilities - New Utilities software

  • Asoftech Automation  v.3.1Asoftech Automation records all operation of mouse and keystrokes and saves them as macros. It can play back the recorded macros to automate recorded tasks any number of times.It is very easy to use and doesn't require any programming experience.
  • Soft4Boost Dup File Finder  v.7.0.9.845Soft4Boost Dup File Finder is a free disk utility designed to help you to find and remove useless duplicate files, stored on your PC. By using this powerful yet free utility, you can increase free space on your disk by up to 50%.
  • IncrediMail Export Messages to Thunderbird  v.7.5.7The IncrediMail exporting tool is simple for IncrediMail export messages to Thunderbird. The program supports very simple to export imm messages to Thunderbird with attachments, images, formatting, etc.
  • Network Shares Recycle Bin  v.6.1.3.6The Network Shared Recycle Bin allows you to backup and recover deleted files on the server side. Once you have this tool in your system, it will automatically keep a track of all the network deleted files and you can easily recover them.
  • Microsoft Internet Explorer Active Setup Control Vulnerability patchMicrosoft has released a patch that eliminates a vulnerability that could allow a malicious user to embed an unsafe executable within an email and disguise it as a safe type of attachment. Through a complicated series of steps, the unsafe executable ...
  • Microsoft Internet Explorer Image Source Redirect Vulnerability patch  v.1The vulnerability could allow amalicious web site operator to read - butnot add, change or delete - certain types offiles on the computer of a visiting user.When a web server navigates a window fromone domain into another one, the IE securitymodel ...