P-126: Microsoft Vulnerability in DHTML Editing Component Active X Control

REVISION HISTORY:
03/10/2006 - revised to reflect the changes Microsoft has made to MS05-013.



[***** Start Microsoft Security Bulletin MS05-013 *****]

Microsoft Security Bulletin MS05-013

Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)

Issued: February 8, 2005 | Updated: March 8, 2006
Version: 1.2

Summary

Who should read this document: Customers who use Microsoft Windows

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Security Update Replacement: None

Caveats: Microsoft Knowledge Base Article 891781 documents the currently known 
issues that customers may experience when they install this security update. 
The article also documents recommended solutions for these issues. For more 
information, see Microsoft Knowledge Base Article 891781.

Tested Software and Security Update Download Locations:

Affected Software:
•	Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service 
          Pack 4 – Download the update
•	Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service 
          Pack 2 – Download the update
•	Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) 
          – Download the update
•	Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) 
          – Download the update
•	Microsoft Windows Server 2003 – Download the update
•	Microsoft Windows Server 2003 for Itanium-based Systems – Download the update
•	Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), 
           and Microsoft Windows Millennium Edition (ME) – Review the FAQ section 
           of this bulletin for details about these operating systems.

The software in this list has been tested to determine whether the versions are 
affected. Other versions either no longer include security update support or 
may not be affected. To determine the support life cycle for your product and 
version, visit the Microsoft Support Lifecycle Web site.

Top of sectionTop of section

General Information
	
Executive Summary

Executive Summary:

This update resolves a newly-discovered, public vulnerability. A vulnerability 
exists in the DHTML Editing Component ActiveX Control. This vulnerability could 
allow information disclosure or remote code execution on an affected system. The 
vulnerability is documented in the “Vulnerability Details” section of this bulletin.

If a user is logged on with administrative user rights, an attacker who successfully 
exploited this vulnerability could take complete control of an affected system. 
An attacker could then install programs; view, change, or delete data; or create
new accounts with full user rights. Users whose accounts are configured to have 
fewer user rights on the system could be less impacted than users who operate with 
administrative user rights.

We recommend that customers apply the update immediately.

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers - DHTML Editing Component ActiveX Control Cross Domain 
                            Vulnerability - CAN-2004-1319
Impact of Vulnerability	- Remote Code Execution
Windows 98, 98 SE, ME - Critical
Windows 2000 - Critical
Windows XP - Critical
Windows XP Service Pack 2 - Important
Windows Server 2003 - Moderate

This assessment is based on the types of systems that are affected by the 
vulnerability, their typical deployment patterns, and the effect that exploiting 
the vulnerability would have on them.

	
Frequently asked questions (FAQ) related to this security update
	
Vulnerability Details

Affected Software:

For information about the specific security update for your affected software, click the appropriate link:
	
Windows Server 2003 (all versions)
Windows XP (all versions)
Windows 2000 (all versions)

Obtaining Other Security Updates:

Updates for other security issues are available from the following locations:

• Security updates are available from the Microsoft Download Center. You can find them most easily by doing 
  a keyword search for "security_patch."
 
• Updates for consumer platforms are available from the Windows Update Web site.

Support: 

• Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 
  1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
 
• International customers can receive support from their local Microsoft subsidiaries. There is no charge 
  for support that is associated with security updates. For more information about how to contact Microsoft 
  for support issues, visit the International Support Web site.

Security Resources: 

• The Microsoft TechNet Security Web site provides additional information about security in Microsoft 
  products.
 
• Microsoft Software Update Services
 
• Microsoft Baseline Security Analyzer (MBSA)
 
• Windows Update 
 
• Windows Update Catalog: For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.
 
• Office Update 

Software Update Services:

By using Microsoft Software Update Services (SUS), administrators can quickly and reliably deploy the latest 
critical updates and security updates to Windows 2000 and Windows Server 2003-based servers, and to desktop 
systems that are running Windows 2000 Professional or Windows XP Professional.

For more information about how to deploy this security update with Software Update Services, visit the 
Software Update Services Web site.

Systems Management Server:

Microsoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing 
updates. By using SMS, administrators can identify Windows-based systems that require security updates and 
to perform controlled deployment of these updates throughout the enterprise with minimal disruption to end 
users. For more information about how administrators can use SMS 2003 to deploy security updates, visit the 
SMS 2003 Security Patch Management Web site. SMS 2.0 users can also use Software Updates Service Feature Pack 
to help deploy security updates. For information about SMS, visit the SMS Web site.

Note SMS uses the Microsoft Baseline Security Analyzer and the Microsoft Office Detection Tool to 
provide broad support for security bulletin update detection and deployment. Some software updates may not 
be detected by these tools. Administrators can use the inventory capabilities of the SMS in these cases to 
target updates to specific systems. For more information about this procedure, see the following Web site. 
Some security updates require administrative rights following a restart of the system. Administrators can 
use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the 
SMS 2.0 Administration Feature Pack) to install these updates.

Disclaimer: 

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. 
Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability 
and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for 
any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or 
special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such 
damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental 
damages so the foregoing limitation may not apply.

Revisions: 

[***** End Microsoft Security Bulletin MS05-013 *****]

   

    Voice:          +1 866-941-2472 (7 x 24)
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov/