Used Windows 2000 ActiveX Parameter Validation Vulnerability Patch for Windows? Share your experience and help other users.
Key Details of Windows 2000 ActiveX Parameter Validation Vulnerability Patch
- Eliminate a Windows 2000 vulnerability allowing code to run on another machine.
- Last updated on
- There have been 3 updates
- Virus scan status:
Clean (it’s extremely likely that this software program is clean)
Developer’s Description
An ActiveX control that ships as part of Windows 2000 contains an unchecked buffer. If the control was called from a Web page or HTML mail using a specially-malformed parameter, it would be possible to cause code to execute on the machine via a buffer overrun. This could potentially enable a malicious user to take any desired action on the user's machine, limited only by the permissions of the user.
The vulnerability could only be exploited if ActiveX controls are enabled in IE, Outlook, or Outlook Express. The Security Zones feature in Internet Explorer enables customers to limit what Web sites can do, and customers who have used the feature to prevent untrusted sites from invoking ActiveX controls would be at minimal risk from the Web-based attack scenario. Customers who have applied the Outlook Security Update would be protected against the mail-borne scenario, since it moves mail into the Restricted Sites Zone, thereby preventing HTML mails from invoking ActiveX controls.
See the ActiveX Parameter Validation Vulnerability FAQ for more information.
Used Windows 2000 ActiveX Parameter Validation Vulnerability Patch for Windows? Share your experience and help other users.
Explore More
LockLizard PDF DRM - Secure PDC Viewer
FreeLockLizard Safeguard PDF Security
Trial versionSafeCrypt
FreeSecret Keeper
Trial versionSpylab WebSpy
Trial version
Windows Certificate Enrollment Control Vulnerability Patch (Windows 98/98 Second Edition)
FreeSilent BossKey
Trial versionLockLizard Protector - Secure Web Viewer
FreeFileStream Secure Disk
Trial versionTextEncrypt
Trial versionDrag Drop Form Password Manager
Trial versionWISeForm
Trial version
