KB828750 Security Patch
Vulnerability in Authenticode Verification Could Allow Remote Code Execution - CRITICAL!
So What's The Story With Patch KB828750
On the 8th October 2003, Microsoft published a new cumulative patch
(KB828750) for Internet Explorer.
This is a cumulative security patch for Microsoft Internet
Explorer that includes the functionality of all previously released
patches for Internet Explorer 5.01, 5.5, and 6.
Additionally, this security patch eliminates the following newly
discovered vulnerabilities:
- A vulnerability that occurs because Internet Explorer does not
correctly determine an object type that is returned from a Web
server in a pop-up window. An attacker who exploits this
vulnerability could run arbitrary programs on your computer. If you
were to visit an attacker's Web site, the attacker could exploit
this vulnerability without any other action on your part. An
attacker could also create an HTML-based e-mail message that could
exploit this vulnerability.
- A vulnerability that occurs because Internet Explorer does not
correctly determine an object type that is returned from a Web
server during XML data binding. An attacker who exploits this
vulnerability could run arbitrary programs on your computer. If you
were to visit an attacker's Web site, the attacker could exploit
this vulnerability without any other action on your part. An
attacker could also create an HTML-based e-mail message that could
exploit this vulnerability.
Microsoft has changed the method that Internet Explorer uses to handle
Dynamic HTML (DHTML) Behaviors in the Internet Explorer Restricted
zone. An attacker who exploits a separate vulnerability could cause
Internet Explorer to run script code in the security context of the
Internet zone.
Additionally, an attacker could use the Microsoft Windows Media
Player ability to open Web addresses (or URLs) in the context of the
Local Computer zone from a separate zone to construct an attack. An
attacker could also create an HTML-based e-mail message that could
exploit this behaviour.
To exploit these flaws, the attacker would have to create a specially
formed HTML-based e-mail message and send the message to you. Or, an
attacker could host a malicious Web site that contains a Web page that
is designed to exploit these vulnerabilities. The attacker would then
have to persuade you to visit that Web site.
- Because this security patch sets the Kill bit on the Microsoft
HTML Help control, you may experience broken links in Help if you
have not installed the updated HTML Help control from Microsoft
Knowledge Base article 811630. For additional information, click the
following article number to view the article in the Microsoft
Knowledge Base:
811630 HTML Help Update to Limit Functionality When It Is
Invoked with the window.showHelp( ) Method
- As with the previous Internet Explorer cumulative patch that was
released with security bulletin MS03-032 (822925), this cumulative
security patch causes the window.showHelp method to
stop working if you have not applied the HTML Help update. If you
have installed the updated HTML Help control from Microsoft
Knowledge Base article 811630, you can still use HTML Help
functionality after you apply this update. For additional
information, click the following article number to view the article
in the Microsoft Knowledge Base:
811630 HTML Help Update to Limit Functionality When It Is
Invoked with the window.showHelp( ) Method
You must be logged on as an administrator to install this
update. To download and install this update, visit the Windows
Update Web site, and then install critical update KB828750...
Update Versions:
To install the Internet Explorer 6 for Windows Server 2003
versions of this update, you must be running Internet Explorer 6
(version 6.00.3790.0000) on Windows Server 2003 (32-bit or 64-bit)
or you must be running Internet Explorer 6 on Windows XP 64-Bit
Edition, Version 2003.
To install the Internet Explorer 6 Service Pack 1 (SP1)
versions of this update, you must be running Internet Explorer 6 SP1
(version 6.00.2800.1106) on Windows XP 64-Bit Edition, Version 2002;
Windows XP SP1; Windows XP; Windows 2000 Service Pack 4 (SP4);
Windows 2000 Service Pack 3 (SP3); Windows NT Server 4.0 Service
Pack 6a (SP6a); or Windows Millennium Edition.
To install the Internet Explorer 6 version of this update,
you must be running Internet Explorer 6 (version 6.00.2600.0000) on
Windows XP.
To install the Internet Explorer 5.5 version of this update,
you must be running Internet Explorer 5.5 Service Pack 2 (version
5.50.4807.2300) on Windows 2000 SP4, Windows 2000 SP3, Windows NT
Server 4.0 SP6a, or Windows Millennium Edition.
To install the Internet Explorer 5.01 version of this update,
you must be running Internet Explorer 5.01 Service Pack 4 (version
5.00.3700.1000) on Windows 2000 SP4 or you must be running Internet
Explorer 5.01 Service Pack 3 (version 5.00.3502.1000) on Windows
2000 SP3.
The information in this KB828750 article applies to:
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows Millennium
- Microsoft Windows NT Server 4.0 Terminal Server Edition
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Workstation 4.
Not Sure KB828750 Is Installed On Your PC?
Apart from a quick check in the Add/Remove panel to see if
KB828750 is listed...
You may also be able to verify the files that this security patch
installed by reviewing the following registry key:
For Windows XP Home Edition and Windows XP Professional:
Confirm that the Installed DWORD value with a data value of 1
appears in the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{96543d59-497a-4801-a1f3-5936aacaf7b1}
Windows Server 2003 and Windows XP 64-Bit Edition:
Confirm that the Installed DWORD value with a data value of 1 appears
in the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB828750
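The two registry checks above can be scripted. The following is an added example, not part of the original article or of Microsoft's instructions; it assumes PowerShell 2.0 or later is available on the machine, and the function name Get-InstalledFlagStatus is hypothetical.

```powershell
# Added example: checks the two registry locations named in the article.
# Assumes PowerShell 2.0 or later and an account that can read HKLM.
$locations = @(
    @{ Platform = 'Windows XP Home Edition / Professional'
       Path     = 'HKLM:\Software\Microsoft\Active Setup\Installed Components\{96543d59-497a-4801-a1f3-5936aacaf7b1}' },
    @{ Platform = 'Windows Server 2003 / Windows XP 64-Bit Edition'
       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB828750' }
)

# Hypothetical helper: returns one status string for a registry key path.
function Get-InstalledFlagStatus {
    param([string]$Path)

    # The key only exists on the platform it belongs to.
    if (-not (Test-Path -LiteralPath $Path)) { return 'KeyMissing' }

    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains 'Installed') { return 'ValueMissing' }

    # The article asks for a DWORD value with data 1; other types do not count.
    $kind = $key.GetValueKind('Installed')
    if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) { return "WrongType($kind)" }

    if ($key.GetValue('Installed') -eq 1) { return 'Installed' }
    return 'NotInstalled'
}

foreach ($loc in $locations) {
    $status = Get-InstalledFlagStatus -Path $loc.Path
    '{0}: {1}' -f $loc.Platform, $status
}
```

Only the location that matches the operating system is expected to exist, so one KeyMissing result alongside one Installed result is the normal patched outcome.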
Conclusion:
As ever I would urge ALL of you to download and apply the
latest patches, to keep your anti-virus software up to date and
use a firewall to protect against unwanted intrusions!
By applying this KB828750 cumulative patch you will stop any
known exploits of Internet Explorer. It is HIGHLY
recommended you install it NOW!
Well I hope this article was useful..
Regards
Marc Liron
www.updatexp.com
The views on this website are my
own and not that of Microsoft.
I am not responsible for the content of any sites linked to.
ALL Trademarks are freely acknowledged
ALL information is provided "As Is"
This page was last updated 8th October 2003