Add or Remove Programs
entry for Windows XP Hotfix - KB873333
. This critical security update for Windows XP addresses vulnerabilities in OLE and COM that could allow remote code execution.COM Structured Storage Vulnerability: A privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This vulnerability could allow a logged on user to take complete control of the system.
Input Validation Vulnerability: A remote code execution vulnerability exists in OLE because of the way that it handles input validation. An attacker could exploit the vulnerability by constructing a malicious document that could potentially allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability on Windows 2000, Windows XP, and Windows Server 2003.