- Quick specs
- Price: Update $1.00 to buy
- Operating system: Windows 2000/XP/2003/NT
- Date added: October 15, 2003
- Total Downloads: 11
- Downloads last week: 2
- See full specifications
- Average user rating: Be the first to rate this product!
Publisher's description
From Microsoft :There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
To exploit this vulnerability, an attacker could host a malicious Web Site designed to exploit this vulnerability. If an attacker then persuaded a user to visit that site an ActiveX control could be installed and executed on the user?s system. Alternatively, an attacker could create a specially formed HTML e-mail and send it to the user. If the user viewed the HTML e-mail an unauthorized ActiveX control could be installed and executed on the user?s system. In both scenarios the vulnerability in Authenticode could allow an unauthorized ActiveX control to be installed and executed on the user?s system, with the same permissions as the user, without prompting the user for approval.
The risk of attack from the HTML email vector can be significantly reduced if the following conditions are met:
- You have applied the patch included with Microsoft Security bulletin MS03-040
- You are using Internet Explorer 6 or later
- You are using the Microsoft Outlook Email Security Update or
- Microsoft Outlook Express 6.0 and higher, or Microsoft Outlook 2000 or higher in their default configuration.
More popular Operating Systems & Updates downloads
- 21,233 downloads 1. CNET TechTracker app
- 20,694 downloads 2. DriverMax
- 7,211 downloads 3. Windows 7 USB/DVD Download Tool
- 7,090 downloads 4. Microsoft Windows XP Home Edition
- 6,580 downloads 5. Windows XP Media Center Edition
- See all Operating Systems & Updates downloads
User reviews
Write your own review Be the first one to review Microsoft Security Bulletin MS03-041 823182 and share your experience with the CNET community!
Submit your review
- See more CNET content tagged:
- ActiveX Control,
- Authenticode,
- HTML,
- attacker,
- vulnerability


