SYMPTOMS
Help and Support Center provides a centralized facility through which users
can obtain assistance about a variety of topics. For example, it provides
product documentation, help in determining hardware compatibility, access to
Windows Updates, online Help from Microsoft, and other resources. Users and
programs can execute URL links to Help and Support Center by using the
"hcp://" prefix in a URL link instead of "http://".
However, there is a security vulnerability in the Windows Millennium Edition
(Me) version of Help and Support Center. This occurs because the URL Handler
for the "hcp://" prefix contains an unchecked buffer.
An attacker may be able to exploit this vulnerability by creating a URL that,
when clicked by the user, runs code chosen by the attacker in the Local
Computer security context. The URL may be hosted on a Web site, or sent
directly to the user through e-mail. In the Web-based scenario, where a user
clicks the URL hosted on a Web site, an attacker may be able to read or run
files already residing on the local computer. In an e-mail-borne attack, if the
user is using Microsoft Outlook Express 6.0 or Microsoft Outlook 2002 in the
default configuration, or is using Microsoft Outlook 98 or Microsoft Outlook
2000 in conjunction with the Outlook E-mail Security Update available on the
following Microsoft Web site, an attack cannot be automated and the user must
still click a URL sent through e-mail. However, if the user is not using
Outlook Express 6.0 or Outlook 2002 in the default configuration, or is not
using Outlook 98 or Outlook 2000 in conjunction with the Outlook E-mail
Security Update, the attacker can trigger an attack automatically without the
user having to click a URL contained in an e-mail message.
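One way a mail or Web gateway could flag "hcp://" links in inbound HTML so that
they can be stripped or quarantined before reaching unpatched Windows Me
computers. This is an added example, not part of the original article and not
Microsoft code; the function names and the sample HTML are constructed for
illustration.

```python
import re
from html.parser import HTMLParser

# "hcp:" scheme anywhere in an attribute value, case-insensitive, and not the
# tail of a longer scheme name (so "http:" or "xhcp:" do not match).
HCP_RE = re.compile(r"(?<![a-z0-9+.\-])hcp:", re.IGNORECASE)

# Constructed sample message body; the hcp:// targets are placeholders.
SAMPLE_HTML = """
<html><body>
<p>Quarterly report attached. Plain text mentioning hcp:// is not a link.</p>
<a href="http://example.com/report">Report</a>
<a href="HCP://placeholder-topic">Help</a>
<a href="&#104;cp://placeholder-topic-2">More help</a>
</body></html>
"""


class HcpLinkFinder(HTMLParser):
    """Collects every tag attribute whose value carries an hcp: URL."""

    def __init__(self):
        super().__init__()
        self.hits = []  # (tag, attribute, value, value_length)

    def handle_starttag(self, tag, attrs):
        # HTMLParser decodes character references in attribute values before
        # this is called, so "&#104;cp://" arrives here as "hcp://".
        for name, value in attrs:
            if value and HCP_RE.search(value):
                value = value.strip()
                self.hits.append((tag, name, value, len(value)))


def find_hcp_links(html_text):
    """Return a list of (tag, attribute, value, length) for hcp: links."""
    finder = HcpLinkFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits


if __name__ == "__main__":
    for tag, attr, value, length in find_hcp_links(SAMPLE_HTML):
        print(f"hcp link in <{tag} {attr}>: {length} chars: {value[:60]!r}")
```

The length is reported because the flaw is an unchecked buffer in the URL
handler; the article gives no size, so the example applies no threshold.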
Mitigating Factors
- The Help and Support Center function cannot be started
automatically in Outlook Express or Outlook if the user is running Microsoft
Internet Explorer 6.0 Service Pack 1 (SP1). For additional information about how
to obtain Internet Explorer 6.0 SP1, click the following article number to view
the article in the Microsoft Knowledge Base:
328548 How to Obtain the Latest Service Pack for Internet Explorer 6
- For an attack to be successful, the user must visit a Web
site under the attacker's control or receive an HTML e-mail message from the
attacker.
- Automatic exploitation of the vulnerability by an HTML
e-mail message is blocked by Outlook Express 6.0 and Outlook 2002 in their
default configurations, and is blocked by Outlook 98 and Outlook 2000 if used
in conjunction with the Outlook E-mail Security Update:
RESOLUTION
To resolve this problem, install the "812709: Security Update
(Windows Me)" package from the "Critical Updates" section of the following
Microsoft Windows Update Web site:
Administrators can download this update to deploy to
multiple computers by visiting the following Microsoft Web site:
If you want to obtain this update to install later on one or more
computers, search for this article ID number (812709) by using the
Advanced Search Options in the Windows Update Catalog.
For additional information about how to download updates from the Windows
Update Catalog, click the following article number to view the article in the
Microsoft Knowledge Base:
323166 HOW TO: Download Windows Updates and Drivers from the Windows Update Catalog
Installation Information
Prerequisites
There are no prerequisites for the installation of this update.
Reboot Requirement
You must restart your computer after you apply this update.
Previous Update Status
This update does not supersede any other updates.
Setup Switches
This update supports the following Setup switches:
- /Q : Quiet modes for package.
- /T:full path : Specifies temporary working folder.
- /C : Extract files only to the folder when used with /T.
- /C:Cmd : Override Install command defined by author.
For example, to install the update without any user
intervention, use the following command line:
File Information
The English version of this fix has the file attributes (or later) that are
listed in the following table. The dates and times for these files are listed
in coordinated universal time (UTC). When you view the file information, it is
converted to local time. To find the difference between UTC and local time,
use the Time Zone tab in the Date and Time tool in Control Panel.
The following files are copied to the
%Windir%\PCHealth\Helpctr\Binaries folder:
Date         Time   Version      Size     File name
-----------------------------------------------------
08-Jan-2003  14:24  4.90.0.3004  499,984  Helpctr.exe
Note: Because of file dependencies, this update may contain additional files.