Microsoft Announces Web View Security Hole in Windows 2000

The Internet Patrol default featured image
Share the knowledge

Microsoft this week has announced a newly-discovered vulnerability in its Windows Explorer for Windows 2000. When the vulnerability is triggered, someone wishing to exploit the vulnerability would be able to remotely execute code on the user’s system, the advisory explained.

“A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute code. However, user interaction is required to exploit this vulnerability,” said the announcement.

Users with Microsoft Windows 2000 SP3 and SP4 are broadly affected. Users with Microsoft Windows Millennium Edition have the affected component as well, however Microsoft does not consider the risk to Windows ME systems to be critical, and Microsoft’s policy for support for Windows ME (along with Windows 98) is that “Microsoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period.”

The Microsoft website suggests the following workaround to the vulnerability, in addition to installing the Windows 2000 update:

Disable Web View:

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Disabling Web View will reduce the ability to maliciously use this feature to perform an attack. To disable Web View, follow these steps:

1. Open My Computer

2. Under the Tools menu, select Folder Options.

3. On the General tab in the Web View section, select Use Windows classic folders

4. Click OK

Microsoft also warns that the user must log out and back in for the workaround to take affect, and that the work around will “reduce the functionality of Windows Explorer by removing the left hand task pane which contains links to common folders and tasks.”

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.