Microsoft KB Archive/215339

= INFO: Security Patch Available for Forms 2.0 ActiveX Control =

PSS ID Number: 215339

Article Last Modified on 12/11/2003

-

The information in this article applies to:


 * Microsoft Visual Basic Learning Edition for Windows 5.0
 * Microsoft Visual Basic Learning Edition for Windows 6.0
 * Microsoft Visual Basic Professional Edition for Windows 5.0
 * Microsoft Visual Basic Professional Edition for Windows 6.0
 * Microsoft Visual Basic Enterprise Edition for Windows 5.0
 * Microsoft Visual Basic Enterprise Edition for Windows 6.0
 * Microsoft Visual Basic for Applications

-



This article was previously published under Q215339



SUMMARY
Microsoft has released a fully-supported patch that fixes a vulnerability in the Forms 2.0 ActiveX control. This control is distributed in any application that includes Visual Basic for Applications 5.0.

You can download the Forms 2.0 Security Patch from the Microsoft Office Page.

The next section explains the security vulnerability and the updated files in the patch.



MORE INFORMATION
The Forms 2.0 ActiveX control has a vulnerability that allows text to be pasted from a user's Clipboard into a Forms 2.0 Text Box or Combo Box. A malicious hacker could use the Forms 2.0 Control to read or export text on a user's Clipboard when that user visits a Web site or opens a HTML e-mail created by the hacker.

The Forms 2.0 Security Patch prevents a hacker from exploiting this vulnerability.

The Forms 2.0 Security Patch is a fully-supported patch. If you have problems installing this patch or require technical assistance with this patch, please contact: Microsoft Technical Support.

