07.195.2004 - MS04-024: Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)

This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. - Download Windows NT Workstation SP6a Update - Download Windows NT Server SP6a Update - Download Windows NT Terminal Server SP6a Update - Download Windows NT Workstation SP6a w/ Active Desktop Update - Download Windows NT Server SP6a w/ Active Desktop Update - Download Windows 2000 SP2/SP3/SP4 Update - Download Windows XP / XPSP1 - Download Windows XP SP1 64-bit - Download Windows XP 64-bit Version 2003 - Download Windows Server 2003 - Download Windows Server 2003 64-bit - View Microsoft Security Bulletin MS04-024 - View Microsoft Knowledge Base Article - 839645 - Visit Microsoft Corporation