|
|
|
 Microsoft UpdateScan your computer for Windows and Office updates that you need OLE DB Provider for Internet Publishing Update for Windows 95 & 98, NT 4.0, 2000, Windows MeBrief DescriptionImpact of vulnerability: Web-based script could levy WebDAV requests on the user’s behalf. If you have an affected version, you should consider downloading this patch. On This PageQuick Details
OverviewImpact of vulnerability: Web-based script could levy WebDAV requests on the user’s behalf. Recommendation: Customers should consult the FAQ to determine whether they have an affected version and consider applying the patch if they do. The Microsoft Data Access Component Internet Publishing Provider provides access to WebDAV resources over the Internet. By design, it should differentiate between requests made by a user and those made by script running in the user’s browser. However, because of an implementation flaw, it handles all requests in the security context of the user. As a result, if a user browsed to a web page or opened an HTML e-mail that contained script, that script could access web-based resources as the user. Because it supports WebDAV, and WebDAV is the underlying technology behind many web-based collaboration features offered by Microsoft products, the Provider is installed by a variety of different Microsoft products. It’s provided as part of Windows Me and Windows 2000, and also can be installed by recent versions of Office as well as other Microsoft products. System Requirements
Instructions
What Others Are DownloadingOthers who downloaded OLE DB Provider for Internet Publishing Update for Windows 95 & 98, NT 4.0, 2000, Windows Me also downloaded:
|
