This article has been archived. It is offered "as is" and will no longer be updated.
The Microsoft virtual machine (Microsoft VM) is a virtual machine for the Win32 environment. The Microsoft VM is included in most versions of Windows and in most versions of Microsoft Internet Explorer.
A new version of the Microsoft VM is available that includes all previously released fixes for the Microsoft VM, together with fixes for eight newly reported security issues. The attack vector for all of the new issues is most likely the same: an attacker creates a Web page that exploits a particular vulnerability when it is opened, and then either hosts that page on a Web site or sends it to the user as an HTML e-mail message.
The newly reported security issues are:
A security vulnerability through which an untrusted Java applet can access Component Object Model (COM) objects
By design, COM objects expose functionality and therefore should be available only to trusted Java programs. Some COM objects provide functionality through which an attacker may be able to take control of the system.
A pair of vulnerabilities that can disguise the actual location referred to by an applet's codebase attribute
Although the two vulnerabilities have different underlying causes, they have the same potential effect. By design, a Java applet that resides on user storage or on a network share has read access to the folder that it resides in and to all folders below it. These vulnerabilities provide methods by which an applet that is actually located on a Web site can misrepresent its location in its codebase attribute, so that it appears to reside on the user's local system or on a network share instead of in its actual location, and can therefore claim the read access that such a location confers.
A vulnerability that can permit an attacker to construct a URL that, when parsed, loads a Java applet from one Web site but misrepresents it as belonging to another Web site
This vulnerability permits the attacker's applet to run in the other site's domain. Any information that the user provides to this applet can be relayed back to the attacker.
A vulnerability that permits an applet to modify database contents
This vulnerability occurs because the Microsoft VM does not prevent untrusted applets from calling the JDBC APIs, a set of APIs that provide database access methods. By design, these APIs can add, change, and delete database contents, and they are subject only to the permissions of the user who is running the applet.
A vulnerability through which an attacker can temporarily prevent specified Java objects from being loaded and run
The Standard Security Manager, a security mechanism that dates from an earlier version of the Microsoft VM, permits a user to impose restrictions on Java applets, including preventing them from running at all. However, the Microsoft VM does not adequately control access to the Standard Security Manager, and therefore an attacker's applet can add other Java objects to the "banned" list.
A vulnerability through which an attacker can learn a user's user name on the user's local computer
This vulnerability occurs because the user.dir system property (the current working directory path, from which the user name can typically be read) is available to untrusted applets. Although knowing a user name does not in itself pose a security risk, an attacker may find this information useful for reconnaissance.
A vulnerability that occurs because a Java applet may perform an incomplete instantiation of another Java object
This causes the containing program (Internet Explorer) to fail.
Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft VM.
To determine the Microsoft VM build number on a computer that is running Windows 98, Windows 98 Second Edition (SE), or Windows Millennium Edition, follow these steps:
Click Start, and then click Run.
In the Open box, type command, and then click OK.
At the command prompt, type jview, and then press ENTER. Notice that the version information appears on the first line as "Version n.nn.nnnn," where the last four digits (nnnn) are the build number. For example, 5.00.3802 is Microsoft VM build 3802.
To determine the Microsoft VM build number on a computer running Windows NT 4.0, Windows 2000, or Windows XP, follow these steps:
Click Start, and then click Run.
In the Open box, type cmd, and then click OK.
At the command prompt, type the following command, andthen press ENTER:
Notice that the version information appears on the first line as "Version n.nn.nnnn," where the last four digits (nnnn) are the build number. For example, 5.00.3802 is Microsoft VM build 3802.
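The manual check above can be scripted for the Windows NT 4.0, Windows 2000, and Windows XP case. The following PowerShell script is an added example and is not part of the original article; it assumes that PowerShell is available on the computer (so it does not apply to Windows 98 or Windows Millennium Edition), that jview.exe is on the PATH, and that the administrator supplies the minimum build number to compare against in the $RequiredBuild parameter, because the article does not state which build the updated Microsoft VM installs.

```powershell
# Added example: read the Microsoft VM build number from the first line of
# jview output and compare it with a required build supplied by the caller.
# $RequiredBuild is an assumed parameter; the article itself names no build.
param(
    [int]$RequiredBuild = 0
)

function Get-MicrosoftVMBuild {
    # jview.exe ships with the Microsoft VM. If it cannot be found, the VM
    # is either not installed or not on the PATH, and there is nothing to parse.
    $jview = Get-Command jview.exe -ErrorAction SilentlyContinue
    if (-not $jview) {
        return $null
    }

    # The version appears on the first line as "Version n.nn.nnnn".
    # Merge stderr into stdout in case the loader prints its banner there.
    $firstLine = "$(& jview.exe 2>&1 | Select-Object -First 1)"

    # The last group of the version string is the build number.
    if ($firstLine -match 'Version\s+(\d+)\.(\d+)\.(\d+)') {
        return [int]$Matches[3]
    }
    return $null
}

$build = Get-MicrosoftVMBuild
if ($null -eq $build) {
    Write-Output "Microsoft VM not found (jview.exe is not available or printed no version line)."
} elseif ($RequiredBuild -gt 0 -and $build -lt $RequiredBuild) {
    Write-Output "Microsoft VM build $build is older than required build $RequiredBuild; install the updated Microsoft VM."
} else {
    Write-Output "Microsoft VM build $build."
}
```

Run the script with the build number that the update you are deploying installs, for example `.\Check-MSVM.ps1 -RequiredBuild <build>`; a computer with no jview.exe on the PATH is reported separately from one that has an outdated build, because the two cases call for different action.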
For more information about this vulnerability, visit the following Microsoft Web site: