Skip navigation
Menu
End-User Platforms>Windows 7/8

Microsoft Windows Shell Arbitrary Code Execution Vulnerabilty

Reported July 13, 2004, by Microsoft

VERSIONS AFFECTED

  • All versions of Windows

DESCRIPTION
A vulnerability in Windows could allow remote execution of arbitrary code on the vulnerable system. This vulnerability is a result of a flaw in the way that Windows Shell launches applications. A potential attacker could exploit the vulnerability if a user visited a malicious Web site. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. User interaction is required to exploit this vulnerability.

VENDOR RESPONSE
Microsoft has released bulletin MS04-024, "Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)," to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Microsoft.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019