Microsoft Announces Patch for “Help Flaw” Security Hole

The Internet Patrol - Patrolling the Internet for You


Not a moment too soon, Microsoft has announced a fix for that pesky “help flaw” involving ActiveX which Aunty first reported on here and again here just yesterday.

Making this flaw even more devestating than some others is the fact that it affects so many flavours of Windows, including version of 98, 98 SE, XP, ME, 2000, and Windows Server.


Worse, this is one of the security holes for which the “how to exploit it” instructions were posted on at least one, maybe two or more websites, making the need for a fix extra-critical. Indeed, security companies were recommending that users disable Active X until a fix was offered.

Well, the fix is now being offered by Microsoft, who says of this particular flaw and fix:

“A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system. This vulnerability is documented in the Vulnerability Details section of this bulletin.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.

We recommend that customers install the update immediately.”

Aunty recommends so too, and you can get the patch [Page no longer available – we have linked to the archive.org version instead].

 

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.