Andr0m3da
Power Member
Microsoft has announced(*) that there is a serious
vulnerability in the Windows Script Engine which affects all versions of
Windows (95, 98, Me, NT 4.0, NT Terminal Server Edition, 2000 y XP). The
company has also released a patch to remedy the problem.
The problem stems from a buffer overflow in the JScript.dll library, which
forms part of Windows Script Engine. The attack could take place when a user
viewed a specially created malicious web page or received an HTML e-mail
including such a web page.
Given the serious nature of the problem, Windows users are advised to apply
the patch to their operating systems. This can be done automatically through
the Windows Update option, or by downloading the update directly from the
Microsoft website.
(*) The Microsoft bulletin about this vulnerability and the addresses for
the corresponding patches are available from:
http://www.microsoft.com/security/security_bulletins/ms03-008.asp
vulnerability in the Windows Script Engine which affects all versions of
Windows (95, 98, Me, NT 4.0, NT Terminal Server Edition, 2000 y XP). The
company has also released a patch to remedy the problem.
The problem stems from a buffer overflow in the JScript.dll library, which
forms part of Windows Script Engine. The attack could take place when a user
viewed a specially created malicious web page or received an HTML e-mail
including such a web page.
Given the serious nature of the problem, Windows users are advised to apply
the patch to their operating systems. This can be done automatically through
the Windows Update option, or by downloading the update directly from the
Microsoft website.
(*) The Microsoft bulletin about this vulnerability and the addresses for
the corresponding patches are available from:
http://www.microsoft.com/security/security_bulletins/ms03-008.asp