Features
-
License:
Free
-
Editor's Rating:
Not rated
- Average User Rating:
-
Downloads:
13,093
- Operating Systems:
Windows XP
- Additional Requirements:
Windows XP 32-bit
- Limitations:
No limitations
- Date Added:
December 19, 2002
Publisher's description of Microsoft Windows XP (32-bit) Unchecked Buffer Vulnerability Patch
From Microsoft:The Windows Shell is responsible for providing the basic framework of the Windows user interface experience. It is most familiar to users as the Windows Desktop, but also provides a variety of other functions to help define the user's computing session, including organizing files and folders, and providing the means to start applications.
An unchecked buffer exists in one of the functions used by the Windows Shell to extract custom attribute information from audio files. A security vulnerability results because it is possible for a malicious user to mount a buffer overrun attack and attempt to exploit this flaw.
An attacker could seek to exploit this vulnerability by creating an MP3 or a WMA file that contains a corrupt custom attribute and then host it on a Web site or on a network share, or send it via an HTML e-mail. If a user were to hover his or her mouse pointer over the icon for the file (either on a Web page or on the local disk), or open the shared folder where the file is stored, the vulnerable code would be invoked. An HTML e-mail could cause the vulnerable code to be invoked when a user opens or previews the e-mail. A successful attack could have the effect of either causing the Windows Shell to fail, or causing an attacker's code to run on the user's computer in the security context of the user.
For more information about the vulnerabilities this update addresses, read the associated Microsoft Security Bulletin.
CNET Editor's Note: This patch is for the Windows XP 32-bit edition.
- See more CNET content tagged:
- HTML,
- Microsoft Corp.,
- Microsoft Windows,
- code,
- security
More popular Encryption Software downloads
- 58,873 downloads 1. RoboForm
- 10,761 downloads 2. SuperEncryptor
- 5,756 downloads 3. Folder Lock
- 2,546 downloads 4. Eraser
- 2,154 downloads 5. RAR Password Cracker
- See all Encryption Software downloads
User reviews
- Average user rating: 0 stars Not yet available
- My rating: 0 stars Write review
-
Showing 1 of 1 user reviewSee 1 user review
This software version | All versions -
Version: Microsoft Windows XP (32-bit) Unchecked Buffer Vulnerability Patch MS02-072
Cons: Im sick and tired of YAHOO and their sneaky installation techniques.
- See 1 user review Write review
Submit your review
You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.
CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.
%20Unchecked%20Buffer%20Vulnerability%20Patch%20-%20Free%20software%20downloads%20and%20reviews%20-%20CNET%20Download.com&srcUrl=http://download.cnet.com/Microsoft-Windows-XP-32-bit-Unchecked-Buffer-Vulnerability-Patch/3000-2092_4-10176061.html){kind=small}