This patch addresses two vulnerabilities. An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. When this program tries to open a file that has a specially malformed file name that is contained in a zipped file, Windows Explorer may fail, or an attacker may be able to run any code. This behavior creates a security vulnerability.
The second vulnerability is that the decompression function may put a file in a folder that is different from, or that is a child of, the target folder that is specified by the user as the location where the decompressed ZIP files are put. This behavior may allow an attacker to put a file in a known location on the user's computer; for example, an attacker may put a program in a Startup folder.
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
URL Rewrite for IIS IIS URL Rewrite 2.0 enables Web administrators to create powerful rules to implement URLs that are easier for users to remember and easier for search engines to find. By using rule templates, rewrite maps, .NET providers, and other functionality integrated
Windows CE Platform Builder 2.12 QFE 30 Fixes made in this QFE:Components: FATMAINIssues resolved: System deadlocks on suspend/resume while accessing FAT file system, Kernel start location not resolved. This version is the first release on CNET Download.com.What is new in this release:This versi
Microsoft Office Project 2007 Service Pack 2 Microsoft Office Project 2007 Service Pack 2 (SP2) provides customers with the latest updates to Office Project 2007 (the products that are affected by this update are listed below). This download includes two types of fixes: previously unreleased fixes th
Microsoft Dynamics CRM 3.0-Exchange E-mail Router Update The Microsoft Dynamics CRM-Exchange E-mail Router (the Router) is a software component that provides an interface between the Microsoft Dynamics CRM system and Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003. When the Router is installed o
The Simple template Find these HTML templates to be an excellent starting point when beginning to build out dynamic, data-driven Web sites with Microsoft Visual Studio and Microsoft Visual Web Developer. It will give both designers and developers deep insight into their creat
Security Update for FrontPage 2002 Server Extensions (KB911831) A cross-site scripting and spoofing vulnerability exists in FrontPage 2002 Server Extensions. This update fixes that vulnerability. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on CNET
Halo for Windows Update v1.031 The Halo Update v1.031 adds to the changes from v1.02, providing many options to allow servers to automatically prevent players from repeatedly killing teammates, by setting thresholds for automatic temporary or permanent bans, and limitations to the amoun
PowerPoint Templates Pack 3 This download is a collection of background and design templates included with PowerPoint 4.0 and later versions. This download is a collection of PowerPoint design templates from PowerPoint 4.0, PowerPoint 95, PowerPoint 97, and PowerPoint 2000. This vers
Search Engine Optimization Toolkit for IIS The IIS Search Engine Optimization (SEO) Toolkit helps Web developers, hosting providers, and Web server administrators to improve their Web site's relevance in search results by recommending how to make the site content more search engine-friendly. The II
Visual Zip Password Recovery Processor This is an advanced zip password recovery utility. It features a nice GUI interface and a number of exclusive attacks to beat zip passwords. Real zip passwords cracker. Undocumented features of ZIP files provide you with a great time reduction while search
Sheet Encryptor A freeware program that does encryption for Excel spreadsheets. Does not use any built-in Excel protection construct. Instead, it alters cells values in sheets (or ranges) selected by the user. Uses an external encryption key text file that is read in b
PCEye PCEye is a powerful and practical PC-based Computer Anti-Theft Security Alarm System, which phones you up on your cell phone when the alarm is triggered. Has a number of other methods of alerting you (email, Web) and can provide daily reports. Can also be
The Password Saver by Collection Agencies Store all your passwords for easy access in one secure, encrypted location. This password software encrypts the information in a secure file on your local hard drive to protect it from hackers, co-workers or family members, and identity thieves.What is new
MCS Password Manager 2008 MCS Password Manager 2008 is a software to remember all passwords, notes in safe method. One, main password - it's all what you need! You have problems with remember all your passwords, accounts, PIN numbers? Check out MCS Password Manager 2008! This appli
USB Flash Security++ Group Edition USB Flash Security is a security tool for mobile devices. It can help you to protect your mobile devices. It features protect data in USB flash memory by a password, format (FAT and FAT32), safely remove software which installed in protected area, limit of
Encrypt Easy Encrypt Easy is a highly secure file encryption program enabling fast and simple one-click encryption and decryption of single files, folders and entire directory trees. The program uses the best and most proven cryptographic algorithms such as 448-bit Blo
Diplomat eBusiness Solution Coviant Software's McAfee E-Business Server Replacement Program offers organizations that rely on McAfee E-Business Server a way to quickly address their needs for OpenPGP encryption.
McAfee no longer directly supports its E-Business Server products. Di
Manyprog PDF Password Recovery This simple program is designed to restore password to pdf file. This handy tool will be indispensable cases, if the password to the pdf document is hopelessly lost. A distinctive feature of this tool is that it not only can remove protection from pdf docu
SafeHouse Explorer for U3 Hide your files. Make folders invisible. SafeHouse Explorer provides total privacy and protection for your sensitive files and folders using passwords and super-strong 256-bit encryption. Don't let yourself become the next unwitting YouTube sensation when
Supported Operating Systems:
Windows XP |
Comments on Windows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch:
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10