MS04-022: Task Scheduler Vulnerability (841873)
High Nessus Plugin ID 13640
SynopsisArbitrary code can be executed on the remote host through the web client.
DescriptionThe remote host is running a version of Windows which contains a flaw in the task scheduler that could lead to arbitrary execution of commands on the remote host.
To exploit this vulnerability, an attacker would need to lure a user on the remote host to take certain steps to execute a .job file, or to visit a rogue website, arbitrary commands could then be used on the remote host.
SolutionMicrosoft has released a set of patches for Windows 2000 and XP.