Security Update, February 14, 2002 (Internet Explorer 5.5)

Security Update, February 14, 2002 (Internet Explorer 5.5)

This is an updated version of Security Update, February 14, 2002. This update resolves the "Incorrect VBScript Handling in Internet Explorer can Allow Web Pages to Read Local Files" security vulnerability in Internet Explorer 5.5 and Windows 2000, and is discussed in Microsoft Security Bulletin MS02-009. Download now to help prevent a malicious user from using an unauthorized Web site to read the contents of files on your local computer.

This vulnerability exists because VBScript that is created dynamically in Internet Explorer can result in the script being assigned invalid permissions, which gives the script the ability to read your local files, if the path to the file is known. This update prevents a malicious user from running VBScript in an unauthorized Web site to read the contents of files on your computer.

For more information, read Microsoft Security Bulletin MS02-009. (This site is in English.)

System Requirements

This update applies to Internet Explorer 5.5 running with Windows 2000.

Note This update can also apply to a previous version of Internet Explorer running Windows Script Host 5.5. For more information about how to determine which version of Windows Script Host you are running, read Microsoft Security Bulletin MS02-009. (This site is in English.)

How to use

You don't need to do anything after installing this item.

How to uninstall

Uninstall is not available.

Print... | Close