• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows DHTML Edit Control Script Injection Vulnerability

Solution:
Microsoft has released updates for supported platforms. Windows 98/98SE/ME updates may be obtained through Windows Update.

Nortel Networks has released security advisory 2005005513-2 acknowledging this issue. Please the referenced advisory for further information.


Microsoft Windows XP Media Center Edition SP2

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows XP 64-bit Edition SP1

• Microsoft Security Update for Windows XP 64-bit Edition (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9E0247B8-240E -416C-9586-ACD5EF8578DE&displaylang=en

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=AEA07CBA-0E2B -4A22-91ED-1D23BB012C04&displaylang=en

Microsoft Windows 2000 Professional SP3

• Microsoft Security Update for Windows 2000 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=AEA07CBA-0E2B -4A22-91ED-1D23BB012C04&displaylang=en

Microsoft Windows XP Tablet PC Edition SP1

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition

• Microsoft Security Update for Windows Server 2003 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=E99F5BDD-8EA8 -4837-960E-0D20DEA9AC4D&displaylang=en

Microsoft Windows XP Home SP2

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows XP Tablet PC Edition SP2

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows XP Media Center Edition SP1

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows Server 2003 Web Edition

• Microsoft Security Update for Windows Server 2003 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=E99F5BDD-8EA8 -4837-960E-0D20DEA9AC4D&displaylang=en

Microsoft Windows 2000 Advanced Server SP3

• Microsoft Security Update for Windows 2000 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=AEA07CBA-0E2B -4A22-91ED-1D23BB012C04&displaylang=en

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition Itanium 0

• Microsoft !!DHTMLEditControl Microsoft Windows Server 2003 64-bit
  


• Microsoft Security Update for Windows Server 2003 64-bit Edition and Windows XP 64-bit Edition, Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?familyid=2CE98263-2AB4 -4FE3-8B0B-5B3155119730&displaylang=en

Microsoft Windows Server 2003 Standard Edition

• Microsoft Security Update for Windows Server 2003 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=E99F5BDD-8EA8 -4837-960E-0D20DEA9AC4D&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003

• Microsoft Security Update for Windows Server 2003 64-bit Edition and Windows XP 64-bit Edition, Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?familyid=2CE98263-2AB4 -4FE3-8B0B-5B3155119730&displaylang=en

Microsoft Windows XP Professional SP2

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=AEA07CBA-0E2B -4A22-91ED-1D23BB012C04&displaylang=en

Microsoft Windows XP Professional SP1

• Microsoft Security Update for Windows XP (KB891781)
  http://www.microsoft.com/downloads/details.aspx?familyid=9490E7D2-03C2 -463A-B3D0-B949F5295208&displaylang=en

Microsoft Windows Server 2003 Datacenter Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 64-bit Edition and Windows XP 64-bit Edition, Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?familyid=2CE98263-2AB4 -4FE3-8B0B-5B3155119730&displaylang=en