This update resolves the "Indexing Service File Enumeration" vulnerability in Indexing Service 3.0 and is discussed in Microsoft Security Bulletin MS00-098. Download now to prevent a malicious Web site operator from gathering information about your files and folders. An ActiveXÃ????Ã???Ã??Ã?Â® control that is shipped with Indexing Service is incorrectly marked as "safe for scripting." The control makes it possible for Web applications and other programs to list the names of files and folders on a computer running Windows 2000. Because this control is marked "safe for scripting," a malicious Web site operator could use the control to gather the names and properties of files and folders on a visiting user's affected computer. Under very specific circumstances, if Indexing Service 3.0 is running on an affected computer, the malicious Web site operator might be able to search for files that contain specific words. For more information about this vulnerability, read Microsoft Security Bulletin MS00-098.
|File Size||202.09 kB|
|Operating System||Windows 98 Windows XP Windows 2000 Windows|