Ryan Lee

Researcher at VMCraft Inc.
#38425 of 53,635
7.2 total CVSS
Vulnerabilities · 1
PT-2006-1104
7.2
2006-02-14
Microsoft · Windows XP · CVE-2006-0008
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows XP versions SP1 through SP2
Microsoft Windows Server 2003 versions up to SP1
Microsoft Office 2003

Description:
The issue concerns the ShellAbout API call in the Korean Input Method Editor (IME) in certain Microsoft products. It allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link. This action executes Notepad with the privileges of the program displaying the about box.

Recommendations:
For Microsoft Windows XP versions SP1 through SP2, consider restricting access to the ShellAbout API call until a fix is available.
For Microsoft Windows Server 2003 versions up to SP1, avoid using the Korean Input Method Editor (IME) until the issue is resolved.
For Microsoft Office 2003, as a temporary workaround, consider disabling the launch of the "shell about dialog box" to minimize the risk of exploitation.