• info
• discussion
• exploit
• solution
• references

Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability

Solution:
Windows 95/98/ME users should obtain fixes from the Windows Update website.

Please see the references for more information.


Microsoft Data Access Components (MDAC) 2.7 SP1

• Microsoft Security Update for Microsoft Data Access Components 2.7 Service Pack 1 (KB911562)
  For Windows 2000 SP 4 and Windows XP SP 1.
  http://www.microsoft.com/downloads/details.aspx?familyid=0AA7C8B7-8417 -42D8-8E73-5466C03B8C65&displaylang=en


• Microsoft Security Update for Windows XP (KB911562)
  For Windows XP SP 1 and SP 2.
  http://www.microsoft.com/downloads/details.aspx?familyid=2F9E772C-8122 -4027-A117-E93227B2C79F&displaylang=en

Microsoft Data Access Components (MDAC) 2.8 SP1

• Microsoft Security Update for Microsoft Data Access Components 2.8 Service Pack 1 (KB911562)
  For Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?familyid=7358DA31-959C -4E3E-8115-51DC6D441365&displaylang=en


• Microsoft Security Update for Windows XP (KB911562)
  For Windows XP SP 1 and SP 2.
  http://www.microsoft.com/downloads/details.aspx?familyid=2F9E772C-8122 -4027-A117-E93227B2C79F&displaylang=en

Microsoft Data Access Components (MDAC) 2.8 SP2

• Microsoft Security Update for Windows Server 2003 (KB911562)
  For Windows Server 2003 and Windows Server 2003 SP 1.
  http://www.microsoft.com/downloads/details.aspx?familyid=39B29ED4-9B95 -4593-BCB6-4BB03CA5F8F1&displaylang=en


• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911562)
  For Windows Server 2003 and Windows Server 2003 Service Pack 1 for Itanium-based Systems.
  http://www.microsoft.com/downloads/details.aspx?familyid=4D2FE426-E34E -4192-8A0F-35E440E948E2&displaylang=en


• Microsoft Security Update for Windows Server x64 Edition (KB911562)
  http://www.microsoft.com/downloads/details.aspx?familyid=E237C2C7-9819 -437B-AB70-298BA62AC285&displaylang=en


• Microsoft Security Update for Windows XP x64 Edition (KB911562)
  For Windows XP x64 Edition.
  http://www.microsoft.com/downloads/details.aspx?familyid=9C8B645D-0F01 -4B79-B6B3-55279BEDB944&displaylang=en

Microsoft Data Access Components (MDAC) 2.8

• Microsoft Security Update for Microsoft Data Access Components 2.8 (KB911562)
  For Windows 2000 SP 4 and Windows XP SP 1.
  http://www.microsoft.com/downloads/details.aspx?familyid=2494B25D-452F -4025-8B67-41A5C840F7E2&displaylang=en


• Microsoft Security Update for Windows Server 2003 (KB911562)
  For Windows Server 2003 and Windows Server 2003 SP 1.
  http://www.microsoft.com/downloads/details.aspx?familyid=39B29ED4-9B95 -4593-BCB6-4BB03CA5F8F1&displaylang=en


• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911562)
  For Windows Server 2003 and Windows Server 2003 Service Pack 1 for Itanium-based Systems.
  http://www.microsoft.com/downloads/details.aspx?familyid=4D2FE426-E34E -4192-8A0F-35E440E948E2&displaylang=en

Microsoft Data Access Components (MDAC) 2.5 SP3

• Microsoft Security Update for Microsoft Data Access Components 2.5 Service Pack 3 (KB911562) - English
  For Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?familyid=1B3E6CB9-1EF2 -4BA1-A2F2-F87B717372FB&displaylang=en