Reported February 8, 2005 by Microsoft

VERSIONS AFFECTED


  • Windows 2000

  • Windows XP

  • Windows Server 2003

DESCRIPTION

A vulnerability exists in the Dynamic HTML (DHTML) Editing Component ActiveX control that could allow an intruder to discover private information or execute code on a user's system. A successful exploit could allow the intruder to take complete control of a user's system.

VENDOR RESPONSE

Microsoft has released Security Bulletin MS05-013, "Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)," and a patch to correct the problem.