Microsoft KB Archive/891711

= MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution =

Article ID: 891711

Article Last Modified on 2/6/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Service Pack 4
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows XP for Itanium-based Systems Version 2003
 * Microsoft Windows XP Service Pack 1
 * Microsoft Windows XP Professional for Itanium-based systems
 * Microsoft Windows XP Professional for Itanium-based systems
 * Microsoft Windows XP Professional for Itanium-based systems
 * Microsoft Windows NT 4.0 Service Pack 6a
 * Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 6
 * Microsoft Windows Millennium Edition
 * Microsoft Windows 98 Standard Edition
 * Microsoft Windows 98 Second Edition

-



Technical update
April 12, 2005:
 * Security update 891711 Microsoft Windows Millennium Edition, Windows 98 Second Edition, and Windows 98 packages were re-released on April 12, 2005.
 * When you install the security update 891711 original packages on a computer that is running Windows Millennium Edition, Windows 98 Second Edition, or Windows 98, the computer may stop responding. This issue has been corrected in the April 12, 2005, release.
 * The April 12, 2005, release runs as a system service on Windows Millennium Edition, Windows 98 Second Edition, and Windows 98. The Close Program dialog box does not list Kb891711.exe.
 * The &quot;Known issues&quot; section was added to this article.



Microsoft has released security bulletin MS05-002. The security bulletin contains all the relevant information about the security update. This includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site:  Home users:

http://www.microsoft.com/athome/security/update/bulletins/default.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx





Known issues
The following known issues only apply to the packages that were re-released on April 12, 2005:
 * Uninstalling security update 891711 removes the entries from the registry and deletes the files from the system. However, uninstalling security update 891711 leaves an empty folder on the system.
 * On a computer that is running Windows Millennium Edition, Microsoft System Information (MSINFO32) does not list security update 891711. The Windows 98 and Windows 98 Second Edition version of MSINFO32 does list security update 891711 (Kb891711.exe). Most third-party applications that display processes will list Kb891711.exe.
 * On a computer that is running Windows Millennium Edition, Windows 98 Second Edition, or Windows 98, System Configuration Utility (MSCONFIG) only shows Kb891711.exe on the Startup tab.
 * If you disable the previous release through MSCONFIG, MSCONFIG may have two entries of Kb891711.exe after you install the version of security update 891711 that was re-released on April 12, 2005. One of these entries is selected, and one of these entries is not selected. When you select the entry that is not selected, MSCONFIG prompts you to restart the computer. After you restart the computer, only one entry is listed, and the one entry is selected. This behavior occurs because of the behavior of MSCONFIG and does not affect the ability of security update 891711 to help protect the computer as long as one of the entries is selected.

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbwinnt400presp7fix kbsecbulletin kbwinxppresp2fix kbwin2000presp5fix kbwinserv2003presp1fix kbhotfixserver KB891711

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.