Hi Susan,
If you dig just a bit deeper in the bulletin, I believe the "Vulnerability
Details" section answers your question:
Vulnerability Details
Windows Shell Vulnerability - CAN-2004-0420:
A remote code execution vulnerability exists in the way that the Windows
Shell launches applications. An attacker could exploit the vulnerability if
a user visited a malicious Web site. If a user is logged on with
administrative privileges, an attacker who successfully exploited this
vulnerability could take complete control of an affected system. However,
user interaction is required to exploit this vulnerability.
Mitigating Factors for Windows Shell Vulnerability - CAN-2004-0420:
• In a Web-based attack scenario, an attacker would have to host a Web site
that contains a Web page that is used to exploit this vulnerability. An
attacker would have no way to force users to visit a malicious Web site.
Instead, an attacker would have to persuade them to visit the Web site,
typically by getting them to click a link that takes them to the attacker's
site.
• An attacker who successfully exploited this vulnerability could gain the
same privileges as the user. Users whose accounts are configured to have
fewer privileges on the system would be at less risk than users who operate
with administrative privileges.
• This vulnerability requires significant user interaction to be exploited.
--
Curtis Koenig
Security Support Engineer
Product Support Services, Security Team
MCSE, MCSES, CISSP
This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!
--------------------