Microsoft KB Archive/810202

From BetaArchive Wiki
Knowledge Base


Security Vulnerability in DirectX Files Viewer ActiveX Control

Article ID: 810202

Article Last Modified on 2/1/2007


APPLIES TO

  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.01



SUMMARY

Microsoft has released a patch for a security vulnerability that exists in the DirectX Files Viewer control (Xweb.ocx).

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

328970 MS02-066: November, 2002, Cumulative Patch for Internet Explorer


For additional information about the latest service pack for Microsoft Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack


MORE INFORMATION

The DirectX Files Viewer control is an older ActiveX control that has been retired. There is a buffer-overrun vulnerability in this control. This vulnerability might cause Internet Explorer to stop working, or might permit an attacker to run arbitrary code and to gain control of your computer. This control (Xweb.ocx) has the following class identifier (CLSID):

970C7E08-05A7-11D0-89AA-00A0C9054129


The patch sets the "kill" bit for this control. For additional information about setting the "kill" bit for an ActiveX control, click the following article number to view the article in the Microsoft Knowledge Base:

240797 How to Stop an ActiveX Control from Running in Internet Explorer


The DirectX File Viewer control is not installed by default with Internet Explorer; it is typically used only by developers or support professionals. This control has been retired and is no longer supported. However, to protect customers, the patch prevents this control from running or from being reintroduced on your computer. The patch prevents this by setting the "kill" bit for this component.


Additional query words: xweb

Keywords: kbinfo kbsecurity kbwin2ksp4fix KB810202



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/810202&oldid=190587
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki