KB867801?

  • Thread starter Thread starter WinGuy
  • Start date Start date
W

WinGuy

Anyone know the specifics about this one that just showed up for me at the
Windows Update site (v4)? The Read More link about it didn't address this KB
that I saw ...
 
WinGuy said:
Anyone know the specifics about this one that just showed up for me at the
Windows Update site (v4)? The Read More link about it didn't address this KB
that I saw ...
Click to expand...

It looks important highlights from the "read more"

A remote code execution vulnerability exists in Internet Explorer because of the way that it handles navigation methods. An attacker could exploit the vulnerability by constructing a malicious web page that could potentially allow remote code execution if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could run malicious script code in the Local Machine security zone in Internet Explorer. If a user is logged on with administrative privileges, this could allow the attacker to take complete control of an affected system

A buffer overrun vulnerability exists in the processing of BMP image file formats that could allow remote code execution on an affected system. If the user is logged on with administrative privileges an attacker who successfully exploited this vulnerability could take complete control of the affected system. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges

Abuffer overrun vulnerability exists in the processing of GIF image file formats that could allow remote code execution on an affected system. If the user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
 
MAP said:
It looks important highlights from the "read more"
Click to expand...
<snip>

Ah, thanks. Indeed it is important. I just screwed up and clicked away from
it the update site provided link too fast because I didn't see the KB867801
reference displayed in bold at the top of the page, as I guess I was
expecting to see after linking to the page from the Read More link at the
update site (it is listed down a ways in the Bulletin Title, which I have to
scroll to see). I guess I was expecting to see confirmation right at the top
of a page indicating that I'm really looking at the correct link article.
<sigh> I also got the below referenced MS04-025 email alert about it,
several hours after I'd already applied the update.

Title: Microsoft Security Bulletin Summary for July 2004
Issued: July 13, 2004
Updated: July 30, 2004
Version Number: 2.0
Bulletin: http://go.microsoft.com/fwlink/?LinkId=32567
 
Back
Top