Microsoft Windows 2000 Patch: Indexing Service Cross Site Scripting

This update resolves the "Indexing Services Cross Site Scripting" vulnerability in Indexing Services for Windows 2000 and is discussed in Microsoft Security Bulletin MS00-084. Download now to prevent a malicious user from introducing code on your Web server and returning it as a Web page to a visiting browser. Indexing Services is a search engine that is integrated with Internet Information Services (IIS) 5.0 and Windows 2000 that allows browsers to perform full-text searches of Web sites. Indexing Services does not properly validate all search inputs before processing them, and is consequently vulnerable to Cross-Site Scripting (CSS). CSS allows a malicious user to "inject" code into another person's Web session. If a malicious user is successful in exploiting this vulnerability, he or she can use a Web site hosted by your server to run code on a visting user's browser each time it returns to your Web site. Note Indexing Services ships and installs with Windows 2000, but is not enabled by default. If you are running Web servers on Windows 2000 and you have enabled Indexing Services, Microsoft recommends that you apply this update. For more information about this vulnerability, read Microsoft Security Bulletin MS00-084.
PriceUSD0
LicenseFree
File Size195.85 kB
VersionUpdate
Operating System Windows XP Windows Windows 2000 Windows 98
System Requirements<li>Windows NT 4 SP 6</li><li>Windows 2003 SP 1</li><li>Windows XP AMD 64-bit</li><li>Windows XP 64-bit SP 1</li><li>Windows NT 4 SP 2</li><li>Windows 2000 SP 1</li><li>Windows 2003 64-bit</li><li>Windows 2003 AMD 64-bit</li><li>Windows XP 64-bit SP 2</li><li>Windows NT 4 SP 3</li><li>Windows 2000 SP 2</li><li>Windows Server 2003 x64 R2</li><li>Windows 2000</li><li>Windows 2003 64-bit SP 1</li><li>Windows Vista AMD 64-bit</li><li>Windows XP Itanium 64-bit</li><li>Windows NT 4 SP 4</li><li>Windows 2000 SP 3</li><li>Windows NT 4</li><li>Windows XP 32-bit</li><li>Windows XP SP 1</li><li>Windows Server 2003 x86 R2</li><li>Windows ME</li><li>Windows 2003 Itanium 64-bit</li><li>Windows NT 4 SP 5</li><li>Windows 2000 SP 4</li><li>Windows Vista 32-bit</li><li>Windows XP 64-bit</li><li>Windows NT 4 SP 1</li><li>Windows Server 2008 x64</li><li>Windows NT 3</li><li>Windows Server 2008 x86</li><li>Windows XP</li><li>Windows Server 2008</li><li>Windows 2003</li><li>Windows Vista Itanium 64-bit</li><li>Windows XP Itanium 64-bit SP 1</li><li>Windows 2003 32-bit</li><li>Windows XP Itanium 64-bit SP 2</li><li>Windows XP SP 2</li><li>Windows 95</li><li>Windows 98</li><li>Windows Vista</li><li>Windows NT</li><li>Windows 2003 Itanium 64-bit SP 1</li><li>Windows XP Pro</li>