MS05-008: Vulnerability in Windows Shell (890047)
High Nessus Plugin ID 16324
SynopsisArbitrary code can be executed on the remote host through the web client.
DescriptionThe remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to elevate his privileges and/or execute arbitrary code on the remote host.
To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or opening a malicious file attachment.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.