Article ID: 240159 - Last Review: January 25, 2007 - Revision: 3.2

Office 2000 ODBC driver vulnerability security update

View products that this article applies to.
This article was previously published under Q240159
Expand all | Collapse all

SUMMARY

In the course of producing the solution to the Office 97 ODBC Driver Vulnerability, Microsoft testing became aware of a separate vulnerability in the ODBC database driver that may affect Office 2000 users. This vulnerability is related to the IISAM component of the ODBC database driver and could be exploited by using an Excel 2000 query to perform malicious acts similar to those described in Office 97 ODBC Driver Vulnerability. Microsoft has produced a solution to this specific vulnerability and incorporated it into the Office 2000 ODBC Driver Vulnerability Security Update.

This article describes how to download and install this update.

NOTE: It is not necessary to install this update on Windows 2000.

NOTE: Microsoft released an updated version of the Office 97 ODBC Driver Vulnerability Security Update on October 11, 1999. The new update fixes an additional variant of the Text ISAM vulnerability.

For additional information about the Office 97 ODBC Driver Vulnerability, click the article number below to view the article in the Microsoft Knowledge Base:
238445  (http://support.microsoft.com/kb/238445/EN-US/ ) OFF97: Office 97 ODBC Driver Vulnerability Security Update
Back to the top

MORE INFORMATION

To download and install this update, follow these steps:

NOTE: Microsoft recommends that all Office 2000 and Excel 2000 users update their systems with this security update. For corporate users, we recommend that you first contact your system administrator before applying any updates or patches.
  1. Point your Web browser to the following Web site:
    http://www.microsoft.com/downloads/details.aspx?FamilyID=AF6C8D03-7633-45B4-AB96-795EE656F2A2&displaylang=EN (http://www.microsoft.com/downloads/details.aspx?FamilyID=AF6C8D03-7633-45B4-AB96-795EE656F2A2&displaylang=EN )
  2. Click Download Now!. Click Save this program to disk and then click OK.
  3. Click Save.
  4. In Windows Explorer, double-click the JetCopkg.exe file.
  5. Click Yes when you are asked whether to install this update.
  6. Click Yes to accept the License Agreement.
  7. Click OK when you see the message that indicates that the installation was successful.
NOTE: This update also installs the Office Document Open Confirmation Update. For additional information about the Office Document Open Confirmation Update, point your Web browser to the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyID=8B5762D2-077F-4031-9EE6-C9538E9F2A2F (http://www.microsoft.com/downloads/details.aspx?FamilyID=8B5762D2-077F-4031-9EE6-C9538E9F2A2F)
Back to the top

REFERENCES

For additional information about this problem, click the article numbers below to view the articles in the Microsoft Knowledge Base:
239482  (http://support.microsoft.com/kb/239482/EN-US/ ) ACC2000: Jet 4.0 Expression Can Execute Unsafe Visual Basic for Application Functions
239471  (http://support.microsoft.com/kb/239471/EN-US/ ) Jet 4.0 Text IISAM Allows Users to Append Lines to System Files
Back to the top
APPLIES TO
  • Microsoft Excel 2000 Standard Edition
  • Microsoft Office 2000 Developer Edition
  • Microsoft Office 2000 Premium Edition
  • Microsoft Office 2000 Professional Edition
  • Microsoft Office 2000 Small Business Edition
  • Microsoft Office 2000 Standard Edition
Back to the top
Keywords: 
kbdownload kbhowto kbofficeupdate KB240159
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations