An attacker may exploit a vulnerability in Windows Script Engine by constructing a Web page that, when visited by a user, runs code of the attacker’s choice with user credentials. The attacker can host the Web page on a Web site or send the page directly to the user by e-mail.
This problem occurs because of a flaw in the way that Windows Script Engine for JScript processes information.
Windows XP service pack information
To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
How to obtain the latest Windows XP service pack
To resolve this problem, you can install an update. You must install the update that corresponds to the version of operating system that you are running, and to the version of JScript that you currently have installed. To determine the version of JScript that is installed, follow these steps:
- Click Start, click Run, type %windir%\system32, and then click OK.
Note For Microsoft Windows 98 installations, type %windir%\system, and then click OK.
- In the system32 window, or in the System window if you are using Windows 98, locate the Jscript.dll file.
- Right-click the Jscript.dll file, and then click Properties.
- Click the Version tab.
The file version is displayed in the first line of information that appears on the Version tab.
After you have determined the version of JScript that is installed, click the download link that is specific to your operating system version. Then, review the Instructions section on the download page for information about which version of the JScript security update you must install.
The following files are available for download from the Microsoft Download Center:
Windows XP and Windows 2000
Windows NT 4.0 and Windows NT 4.0, Terminal Server Edition
Windows Millennium Edition
Windows 98 Second Edition and Windows 98
Release Date: March 19, 2003
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
|Operating system||Minimum requirement |
|Windows XP||Windows XP or Windows XP Service Pack 1 (SP1)|
|Windows 2000||Windows 2000 SP2, or SP3|
|Windows NT 4.0 Terminal Server Edition||Windows NT 4.0 TSE SP6|
|Windows NT 4.0||Windows NT 4.0 SP6a|
|Windows Millennium Edition ||Windows Millennium Edition |
|Windows 98 Second Edition ||Windows 98 Second Edition |
|Windows 98||Windows 98|
For more information about how to obtain the latest Windows XP service pack, click the following article number to view the article in the Microsoft Knowledge Base:
How to obtain the latest Windows XP service pack
For more information about how to obtain the latest Windows 2000 service pack, click the following article number to view the article in the Microsoft Knowledge Base:
How to obtain the latest Windows 2000 service pack
For more information about how to obtain the latest Windows NT 4.0 service pack, click the following article number to view the article in the Microsoft Knowledge Base:
How to obtain the latest Windows NT 4.0 service pack
This update supports the following Setup switches.
|/?||Display the list of installation switches. |
|/q||Use Quiet mode (no user interaction). |
|/t: full_path||The temporary working folder.|
|/c|| Extract only. Use with /t. |
|/c: cmd||Override install command defined by author. |
|/r||Control or force reboot. (See the following examples.)|
For example, the following command line installs the update with very little user intervention and then does not prevent the computer from restarting:
js56nen /q /r:n
To install the update with very little user intervention and silently restart without prompting the user:
js56nen /q /r:sNote
The updated file will not be completely installed. Therefore, the security hole will still exist until the computer has been restarted. For more information about command line switches, click the following article number to view the article in the Microsoft Knowledge Base:
Command-line switches for IExpress software update packages
JScript is a system file and protected component and therefore cannot be removed.
You must restart your computer after you apply this update.
Hotfix replacement information
This update does not replace any other updates.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone
tab in the Date and Time tool in Control Panel.
Depending on the version of JScript installed (5.1, 5.5 or 5.6), one of the following files will be present in the %WINDIR%\System32 folder.
Date Time Version Size File name ----------------------------------------------------- 13-Jan-2003 20:57 126.96.36.19913 589,881 Jscript.dll 13-Jan-2003 18:53 188.8.131.5213 553,020 Jscript.dll 14-Jan-2003 14:58 184.108.40.20613 487,481 Jscript.dll
Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft products that are listed in the "Applies to" section.
Windows XP This problem was first corrected in Microsoft Windows XP Service Pack 2.