Dear Windows-Help.NET Subscriber,
This week Microsoft released two security patches which are of importance to the general Windows 9.x & Office user.
First there was the long awaited fix for Office 97, which is now called the Office "ODBC Vulnerabilities". Not only Office 97 users are at risk, but also Office 2000 users, as well as other Microsoft software using the Microsoft Jet.
Microsoft Jet serves as the database engine for a number of Microsoft products, including but not limited to:
- Microsoft Office
- Microsoft Visual Studio
- Microsoft Publisher
- Microsoft Streets & Trips
A patch is available for Jet 3.5 and all subsequent versions. Older versions of Jet are no longer supported, and Microsoft recommends that affected customers upgrade to a supported version. The OfficeUpdate site automatically detects the version of Jet that is installed on a machine, and applies the correct patch. The patch is suitable for widespread deployment via Microsoft® Systems Management Server®. Users who wish to manually apply patches for specific versions of Jet should consult the FAQ for information on how to do this.
The second patch is for the "Virtual Machine Sandbox" Vulnerability. This vulnerability could allow a Java applet to take virtually any action on the computer of a web site visitor.
The Microsoft VM is a virtual machine for the Win32® operating environment. It runs atop Microsoft Windows® 95, 98 or Windows NT®. It ships as part of each operating system, and also as part of Microsoft Internet Explorer. The version of the Microsoft VM that ships with Microsoft Internet Explorer 4.0 and Internet Explorer 5.0 contains a security vulnerability that could allow a Java applet to operate outside the bounds set by the sandbox and take any desired action on the user's computer. If such an applet were hosted on a web site, it could act against the computer of any user who visited the site.
Affected Software Versions
- Microsoft VM, all builds in the 2000 and 3000 series
Note: The affected versions are shipped primarily as part of Internet Explorer 4.0 and 5. The FAQ provides instructions for determining the specific build on your machine.
Patch Availability
More Information
Please see the following references for more information related to this issue.
Special Offer from the InfiniSource Software Store
Total Protection Bundle McAfee
Get All Three of These Great Products for ONLY $49.95 After $20 Mail-in Rebate: VirusScan Classic v4.0, Cyber Sentinel, & 2000 Toolbox