Microsoft Security Bulletin MS04-015
Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)
Issued: May 11, 2004
Version: 1.0
Summary
Who should read this document: Customers who use Microsoft® Windows®
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Recommendation: Customers should install the update at the earliest opportunity.
Security Update Replacement: None
Caveats: Microsoft Knowledge Base Article 841996 documents a known issue that customers may experience when they install this security update on a system where the Help and Support Center service is disabled. For the installation of this security update to be successful, the Help and Support Center service cannot be disabled. The article also documents recommended solutions for this issue. For more information, see Microsoft Knowledge Base Article 841996.
Tested Software and Security Update Download Locations:
Affected Software:
• Microsoft Windows XP and Microsoft Windows XP Service Pack 1 – Download the update
• Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update
• Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update
• Microsoft Windows Server™ 2003 – Download the update
• Microsoft Windows Server 2003 64-Bit Edition – Download the update
Non-Affected Software:
• Microsoft Windows NT® Workstation 4.0 Service Pack 6a
• Microsoft Windows NT Server 4.0 Service Pack 6a
• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
• Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4
• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)
The software in this list has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site
http://www.microsoft.com/technet/sec.../MS04-015.mspx