PureBytes Links
Trading Reference Links
|
All versions of Microsoft Windows contain support for file conversion in the
operating system. With this functionality, users of Microsoft Windows can
convert file formats from one to another. In particular, Microsoft Windows
contains support for HTML conversion in the operating system. With this
functionality, users can view, import, or save files as HTML.
A vulnerability exists because a specially crafted request to the HTML
converter could cause the converter to fail in such a way that it could run
code in the context of the currently logged-on user. Because Microsoft
Internet Explorer uses this functionality, an attacker could craft a
specially formed Web page or HTML e-mail that would cause the HTML converter
to run arbitrary code on a user's computer. When a user visits an attacker’s
Web site, the attacker could exploit the vulnerability without any other
user action.
This security flaw is rated by Microsoft as CRITICAL.
For more information and links to download a patch, go to ...
http://www.microsoft.com/technet/security/bulletin/MS03-023.asp
- mark
|