An attacker may exploit a vulnerability in Windows Script Engine by constructing a Web page that, when visited by a user, runs code of the attacker’s choice with user credentials. The attacker can host the Web page on a Web site or send the page directly to the user by e-mail.

Back to the top

This problem occurs because of a flaw in the way that Windows Script Engine for JScript processes information.

Back to the top

Windows XP service pack information

To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Back to the top

Update information

To resolve this problem, you can install an update. You must install the update that corresponds to the version of operating system that you are running, and to the version of JScript that you currently have installed. To determine the version of JScript that is installed, follow these steps:

1.	Click Start, click Run, type %windir%\system32, and then click OK. Note For Microsoft Windows 98 installations, type %windir%\system, and then click OK.
2.	In the system32 window, or in the System window if you are using Windows 98, locate the Jscript.dll file.
3.	Right-click the Jscript.dll file, and then click Properties.
4.	Click the Version tab. The file version is displayed in the first line of information that appears on the Version tab.

After you have determined the version of JScript that is installed, click the download link that is specific to your operating system version. Then, review the Instructions section on the download page for information about which version of the JScript security update you must install.

The following files are available for download from the Microsoft Download Center:

Windows XP and Windows 2000

Windows NT 4.0 and Windows NT 4.0, Terminal Server Edition

Windows Millennium Edition

Windows 98 Second Edition and Windows 98

Release Date: March 19, 2003

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Prerequisites

Operating system	Minimum requirement
Windows XP	Windows XP or Windows XP Service Pack 1 (SP1)
Windows 2000	Windows 2000 SP2, or SP3
Windows NT 4.0 Terminal Server Edition	Windows NT 4.0 TSE SP6
Windows NT 4.0	Windows NT 4.0 SP6a
Windows Millennium Edition	Windows Millennium Edition
Windows 98 Second Edition	Windows 98 Second Edition
Windows 98	Windows 98

For more information about how to obtain the latest Windows XP service pack, click the following article number to view the article in the Microsoft Knowledge Base: For more information about how to obtain the latest Windows 2000 service pack, click the following article number to view the article in the Microsoft Knowledge Base:
For more information about how to obtain the latest Windows NT 4.0 service pack, click the following article number to view the article in the Microsoft Knowledge Base:

Installation information

This update supports the following Setup switches.

Switch	Description
/?	Display the list of installation switches.
/q	Use Quiet mode (no user interaction).
/t: full_path	The temporary working folder.
/c	Extract only. Use with /t.
/c: cmd	Override install command defined by author.
/r	Control or force reboot. (See the following examples.)

For example, the following command line installs the update with very little user intervention and then does not prevent the computer from restarting:To install the update with very little user intervention and silently restart without prompting the user: Note The updated file will not be completely installed. Therefore, the security hole will still exist until the computer has been restarted. For more information about command line switches, click the following article number to view the article in the Microsoft Knowledge Base:

Removal information

JScript is a system file and protected component and therefore cannot be removed.

Restart requirement

You must restart your computer after you apply this update.

Hotfix replacement information

This update does not replace any other updates.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Depending on the version of JScript installed (5.1, 5.5 or 5.6), one of the following files will be present in the %WINDIR%\System32 folder.

   Date         Time   Version     Size     File name
   -----------------------------------------------------
   13-Jan-2003  20:57  5.6.0.8513  589,881  Jscript.dll
   13-Jan-2003  18:53  5.5.0.8513  553,020  Jscript.dll
   14-Jan-2003  14:58  5.1.0.8513  487,481  Jscript.dll

Back to the top

Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft products that are listed in the "Applies to" section.

Back to the top

Windows XP

This problem was first corrected in Microsoft Windows XP Service Pack 2.

Back to the top

For more information about this vulnerability, visit the following Microsoft Web site: For more information about JScript, visit the following Microsoft Web site:

Back to the top