Used Windows 2000 ActiveX Parameter Validation Vulnerability Patch for Windows?
Developer’s Description
An ActiveX control that ships as part of Windows 2000 contains an unchecked buffer. If the control was called from a Web page or HTML mail using a specially-malformed parameter, it would be possible to cause code to execute on the machine via a buffer overrun. This could potentially enable a malicious user to take any desired action on the user's machine, limited only by the permissions of the user.
The vulnerability could only be exploited if ActiveX controls are enabled in IE, Outlook, or Outlook Express. The Security Zones feature in Internet Explorer enables customers to limit what Web sites can do, and customers who have used the feature to prevent untrusted sites from invoking ActiveX controls would be at minimal risk from the Web-based attack scenario. Customers who have applied the Outlook Security Update would be protected against the mail-borne scenario, since it moves mail into the Restricted Sites Zone, thereby preventing HTML mails from invoking ActiveX controls.
See the ActiveX Parameter Validation Vulnerability FAQ for more information.
Used Windows 2000 ActiveX Parameter Validation Vulnerability Patch for Windows?
Explore More
Protection Plus
Trial version
USB Safe
Trial versionThe Vault
Free
Signature995
Free
SecurStick (64-Bit)
Free
Conjurers Encrypter
Free
SecurStick (32-Bit)
Free
Microsoft Excel 2000 Cumulative Update Patch
Free
Microsoft Windows 2000 Password Patch
Free
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
FreePassword Protector
Trial version
PDF Password Unlocker
Trial version
