CVE-2002-0694

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fix, including 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP

Description The issue concerns the HTML Help facility in Microsoft Windows. It allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed.

Recommendations For Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP, apply the fix provided by Microsoft to resolve the issue. As a temporary workaround, consider restricting the execution of .chm files from the Temporary Internet Files folder to minimize the risk of exploitation.