Security Bulletin

Microsoft Security Bulletin MS04-014 - Important

Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

Published: April 13, 2004 | Updated: May 11, 2004

Version: 2.0


Summary

Who should read this document: Customers who use Microsoft® Windows®

Impact of vulnerability:  Remote Code Execution

Maximum Severity Rating: Important

Recommendation: Customers should install the update at the earliest opportunity.

Security Update Replacement: None

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

  • Microsoft Windows NT® Workstation 4.0 Service Pack 6a - Download the update
  • Microsoft Windows NT Server 4.0 Service Pack 6a - Download the update
  • Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Download the update
  • Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4 - Download the update
  • Microsoft Windows XP and Microsoft Windows XP Service Pack 1 - Download the update
  • Microsoft Windows XP 64-Bit Edition Service Pack 1 - Download the update
  • Microsoft Windows XP 64-Bit Edition Version 2003 - Download the update
  • Microsoft Windows Server™ 2003 - Download the update
  • Microsoft Windows Server 2003 64-Bit Edition - Download the update
  • Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) - Review the FAQ section of this bulletin for details about these operating systems.

Tested Microsoft Windows Components:

Affected Components:

  • Microsoft Jet Database Engine version 4.0

The software that is listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

General Information

Technical Details

Executive Summary:

Microsoft updated this bulletin on May 11, 2004 to advise on the availability of a revised version of the security update for non-English versions of Windows XP (as opposed to Windows XP Service Pack 1). The original update does address the vulnerability in Windows XP for all supported languages; however, the original update was not fully localized. Specifically, optional Jet error strings were only being offered in English on Windows XP. This issue does not affect other operating systems. If you have previously applied the security update for other operating systems, including Windows XP Service Pack 1, you need not take any additional action.

If you have previously applied the security update for non-English versions of Windows XP (as opposed to Windows XP Service Pack 1), you need not take any additional action as you are already protected from this vulnerability. However, if you want to have the Jet optional text error information in the same language as your Windows XP installation, you will need to remove the original security update MS04-014 (837001) following the Removal Information procedure located in this document and install the revised version. Once 837001 is uninstalled, revisiting Windows Update will result in the revised MS04-014 security update for Windows XP being re-offered with the correct, localized, optional text error strings.

The following files, on non-English systems only, were updated as part of this update: mswstr10.dll and msjint40.dll. You may see other files with new Date and Time information from the original release. These files remain unchanged; only the 2 files above have been updated.

A buffer overrun vulnerability exists in the Microsoft Jet Database Engine (Jet) that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

Microsoft recommends that customers install the update at the earliest opportunity.

Severity Ratings and Vulnerability Identifiers:

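Vulnerability Identifiers          Impact of Vulnerability  Windows 98, 98 SE, ME  Windows NT 4.0  Windows 2000  Windows XP  Windows Server 2003
------------------------------------------------------------------------------------------------------------------------------------------------
Jet Vulnerability - CAN-2004-0197  Remote Code Execution    Not Critical           Moderate        Important     Important   Important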

The above assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.

Why was this bulletin updated?
Microsoft updated this bulletin on May 11, 2004 to advise on the availability of a revised version of the security update for non-English versions of Windows XP (as opposed to Windows XP Service Pack 1). The original update does address the vulnerability in Windows XP for all supported languages; however, the original update was not fully localized. Specifically, optional Jet error strings were only being offered in English on Windows XP. This issue does not affect other operating systems. If you have previously applied the security update for other operating systems, including Windows XP Service Pack 1, you need not take any additional action.

If you have previously applied the security update for non-English versions of Windows XP (as opposed to Windows XP Service Pack 1), you need not take any additional action as you are already protected from this vulnerability. However, if you want to have the Jet optional text error information in the same language as your Windows XP installation, you will need to remove the original security update MS04-014 (837001) following the Removal Information procedure located in this document and install the revised version. Once 837001 is uninstalled, revisiting Windows Update will result in the revised MS04-014 security update for Windows XP being re-offered with the correct, localized, optional text error strings.

The following files, on non-English systems only, were updated as part of this update: mswstr10.dll and msjint40.dll. You may see other files with new Date and Time information from the original release. These files remain unchanged; only the 2 files above have been updated.

Can this security update be uninstalled?
Yes. This security update can be uninstalled from systems that are running Windows 2000, Windows XP, and Windows Server 2003. However, the security update cannot be uninstalled from systems that are running Windows NT 4.0.

I installed this security update and now I am no longer offered Jet 4.0 Service Pack 8 on Windows Update. What happened?
This security update to the Microsoft Jet Database Engine replaces Jet 4.0 Service Pack 8 (829558). If you have not previously installed the Jet 4.0 Service Pack 8 (829558), all updates contained in it will be included in this update.

I am running Windows NT 4.0, how do I know if I have Jet installed?
Windows NT 4.0 does not include the Jet Database Engine by default. However, the Jet Database Engine is used by many applications and could have been installed on your system by an application such as Microsoft Office or Microsoft Visual Studio. Jet is also available as a stand-alone download. To determine if the Jet Database Engine is present on your system, search for the file named Msjet40.dll. If this file is present, this security update is required.

Where can I find the security update for Jet for Windows NT 4.0?
Although Jet is considered a Windows component, it is not part of the Windows NT 4.0 default installation. Therefore, this update is not available through Windows Update. The security update for Windows NT 4.0 is available for download at the following location.

If I have the Msjet40.dll file on my system, how do I know if I am vulnerable?
To determine if you are vulnerable, compare the file version of the Msjet40.dll file installed on your computer to the file version found in the Security Update Information section. If the version of Msjet40.dll is lower than 4.0.8618.0, you are vulnerable and need to apply this security update.

How does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?
Microsoft will only be releasing security updates for critical security issues. Non-critical security issues are not being offered during this support period. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site. For more information about severity ratings, visit the following Web site.

Are Windows 98, Windows 98 Second Edition or Windows Millennium Edition critically affected by the vulnerability that is addressed in this security bulletin?
No. This vulnerability is not critical in severity on Windows 98, on Windows 98 Second Edition, or on Windows Millennium Edition.

Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine if this update is required?
Yes. MBSA will determine if this update is required. For more information about MBSA, visit the MBSA Web site.

Can I use Systems Management Server (SMS) to determine if this update is required?
Yes. SMS can help detect and deploy this security update. For information about SMS, visit the SMS Web site.

Vulnerability Details

Jet Vulnerability - CAN-2004-0197:

A buffer overrun vulnerability exists in the Microsoft Jet Database Engine (Jet) that could allow remote code execution on an affected system. An attacker could exploit the vulnerability by creating a specially crafted database query and sending it through an application that is using Jet on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges.

Mitigating Factors for Jet Vulnerability - CAN-2004-0197:

  • Windows NT 4.0 does not contain a version of the Microsoft Jet Database Engine (Jet) by default. However, other applications such as Microsoft Office or Microsoft Visual Studio could have installed Jet. Jet is also available as a stand-alone download. To determine if Jet is present on a system, search for the file named Msjet40.dll. If this file exists, this security update is required.
  • If the application that is communicating with Jet is using strong input validation, it is possible to filter the malicious input that an attacker is trying to submit to the Jet engine. Strong input validation means that all input is considered to be not trusted. Developing with strong input validation is considered to be a best practice. For more information about best practice application development and about application input validation, visit the MSDN Web site.
  • If an attacker successfully exploited this vulnerability, they would gain the same privileges as the user context of the application. Users or services whose accounts are configured to have few privileges on the system would be at less risk than users or services that operate with administrative or system privileges.

Workarounds for Jet Vulnerability - CAN-2004-0197:

None

FAQ for Jet Vulnerability - CAN-2004-0197:

What is the scope of the vulnerability?
This is a buffer overrun vulnerability. An attacker could exploit the vulnerability remotely by creating a specially crafted database query and sending it through an application that is using Jet on an affected system. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

What causes the vulnerability?
The vulnerability results from the way that a database request is processed by the Microsoft Jet Database Engine (Jet).

What is the Microsoft Jet Database Engine (Jet)?
The Microsoft Jet Database Engine (Jet) provides data access to applications such as Microsoft Access, Microsoft Visual Basic, and many third party applications. Jet can also be used by Internet Information Services (IIS) applications that require database functionality.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could take complete control of the affected system.

Who could exploit the vulnerability?
Any anonymous user who could send a specially crafted database query to an application that uses the Jet engine on an affected system could attempt to exploit this vulnerability.

How could an attacker exploit this vulnerability?
An attacker could exploit the vulnerability by creating a specially crafted database query and sending it to an application that uses Jet on an affected system, which could then cause the affected system to execute code.

What systems are primarily at risk from the vulnerability?
Any system with an application that uses Jet could be vulnerable to this issue. For example, Web-based applications that are running on IIS that use Jet for data storage could be at risk. If this Web-based application does not perform proper input validation, the system would be at greater risk. Developers who follow application development recommendations for validating input could reduce the risk of this vulnerability.

What does the update do?
The update modifies the way that database requests are processed by Jet.

Security Update Information

Installation Platforms and Prerequisites:

For information about the specific security update for your operating system, click the appropriate link:

Windows Server 2003 (all versions)

Prerequisites This security update requires a released version of Windows Server 2003.

Inclusion in Future Service Packs: The update for this issue will be included in Windows Server 2003 Service Pack 1.

Installation Information

/help                Display the command-line options

Setup Modes

/quiet            Use Quiet mode (no user interaction or display)

/passive            Use Unattended mode (progress bar only)

/uninstall          Uninstall the package

Restart Options

/norestart          Do not require restart when installation is complete

/forcerestart      Require restart after installation

Special Options

/l           Lists installed Windows hotfixes or update packages

/o          Overwrite OEM files without prompting

/n          Do not back up files that are needed for uninstall

/f           Force other programs to close when the computer shuts down

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that are used by the previous version of the Setup utility. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-kb837001-x86-enu /passive /quiet

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-kb837001-x86-enu /norestart

For information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Restart Requirement

In some cases, this update does not require a reboot. The installer stops the needed services, applies the update, and then restarts the services. However, if the needed services cannot be stopped for any reason, or if required files are in use, this update will require a reboot. If this occurs, a message is displayed that advises you to reboot.

Removal Information

To remove this update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB837001$\Spuninst folder. The Spuninst.exe utility supports the following Setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

File Information

The English version of this security update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows Server 2003 Enterprise Edition, Windows Server 2003 Standard Edition, Windows Server 2003 Web Edition, and Windows Server 2003 Datacenter Edition:

Date Time Version Size File name Folder
---------------------------------------------------------------------
03/07/2004 03:14 3.60.8618.0 561,179 Dao360.dll RTMGDR
03/07/2004 03:14 6.0.72.9589 380,957 Expsrv.dll RTMGDR
03/07/2004 03:14 4.0.8618.0 319,517 Msexcl40.dll RTMGDR
03/07/2004 03:14 4.0.8618.0 1,507,356 Msjet40.dll RTMGDR
02/17/2004 05:15 4.0.8227.0 358,976 Msjetoledb40.dll RTMGDR
03/07/2004 03:14 4.0.8618.0 241,693 Msjtes40.dll RTMGDR
03/07/2004 03:14 4.0.8015.0 348,189 Mspbde40.dll RTMGDR
03/07/2004 03:14 4.0.7328.0 421,919 Msrd2x40.dll RTMGDR
03/07/2004 03:14 4.0.8015.0 552,989 Msrepl40.dll RTMGDR
03/07/2004 03:14 4.0.8015.0 258,077 Mstext40.dll RTMGDR
03/07/2004 03:14 4.0.8025.0 348,189 Msxbde40.dll RTMGDR
03/07/2004 03:07 3.60.8618.0 561,179 Dao360.dll RTMQFE
03/07/2004 03:07 6.0.72.9589 380,957 Expsrv.dll RTMQFE
03/07/2004 03:07 4.0.8618.0 319,517 Msexcl40.dll RTMQFE
03/07/2004 03:07 4.0.8618.0 1,507,356 Msjet40.dll RTMQFE
12/01/2003 23:28 4.0.8227.0 358,976 Msjetoledb40.dll RTMQFE
03/07/2004 03:07 4.0.8618.0 241,693 Msjtes40.dll RTMQFE
03/07/2004 03:07 4.0.8015.0 348,189 Mspbde40.dll RTMQFE
03/07/2004 03:07 4.0.7328.0 421,919 Msrd2x40.dll RTMQFE
03/07/2004 03:07 4.0.8015.0 552,989 Msrepl40.dll RTMQFE
03/07/2004 03:07 4.0.8015.0 258,077 Mstext40.dll RTMQFE
03/07/2004 03:07 4.0.8025.0 348,189 Msxbde40.dll RTMQFE

Windows Server 2003 64-Bit Enterprise Edition and Windows Server 2003 64-Bit Datacenter Edition:

Date Time Version Size File name Platform Folder
----------------------------------------------------------------------------------
03/27/2004 18:42 6.0.0.8481 1,210,368 Expsrv.dll IA64 RTMGDR
03/07/2004 03:14 3.60.8618.0 561,179 Wdao360.dll IA64 RTMGDR\WOW
03/07/2004 03:14 6.0.72.9589 380,957 Wexpsrv.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 319,517 Wmsexcl40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 1,507,356 Wmsjet40.dll IA64 RTMGDR\WOW
02/17/2004 05:15 4.0.8227.0 358,976 Wmsjetoledb40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 241,693 Wmsjtes40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 348,189 Wmspbde40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.7328.0 421,919 Wmsrd2x40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 552,989 Wmsrepl40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 258,077 Wmstext40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8025.0 348,189 Wmsxbde40.dll IA64 RTMGDR\WOW
03/27/2004 18:42 6.0.0.8481 1,210,368 Expsrv.dll IA64 RTMQFE
03/07/2004 03:07 3.60.8618.0 561,179 Wdao360.dll IA64 RTMQFE\WOW
03/07/2004 03:07 6.0.72.9589 380,957 Wexpsrv.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8618.0 319,517 Wmsexcl40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8618.0 1,507,356 Wmsjet40.dll IA64 RTMQFE\WOW
12/01/2003 23:28 4.0.8227.0 358,976 Wmsjetoledb40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8618.0 241,693 Wmsjtes40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 348,189 Wmspbde40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.7328.0 421,919 Wmsrd2x40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 552,989 Wmsrepl40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 258,077 Wmstext40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8025.0 348,189 Wmsxbde40.dll IA64 RTMQFE\WOW

Note When you install this security update on Windows Server 2003 or on Windows XP 64-Bit Edition Version 2003, the installer checks to see if any of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE files to your system. Otherwise, the installer copies the RTMGDR files to your system. For more information, see Microsoft Knowledge Base Article 824994.

Verifying Update Installation

To verify that a security update is installed on an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool, which allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.

You may also be able to verify the files that this security update has installed by reviewing the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP1\KB837001\Filelist

Note This registry key may not be created correctly if an administrator or an OEM integrates or slipstreams the 837001 security update into the Windows installation source files.

Windows XP (all versions)

Note For Windows XP 64-Bit Edition Version 2003, this security update is the same as the Windows Server 2003 64-Bit Edition security update.

Prerequisites This security update requires the released version of Windows XP or Windows XP Service Pack 1 (SP1). For more information, see Microsoft Knowledge Base Article 322389.

Inclusion in Future Service Packs: The update for this issue will be included in Windows XP Service Pack 2.

Installation Information

This security update supports the following setup switches:

/help                 Displays the command-line options

Setup Modes

/quiet            Use Quiet mode (no user interaction or display)

/passive            Unattended mode (progress bar only)

/uninstall          Uninstalls the package

Restart Options

/norestart          Do not restart when installation is complete

/forcerestart      Restart after installation

Special Options

/l           Lists installed Windows hotfixes or update packages

/o          Overwrite OEM files without prompting

/n          Do not back up files needed for uninstall

/f           Force other programs to close when the computer shuts down

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that are used by the previous version of the Setup utility. For more information about the supported installation switches, view Microsoft Knowledge Base Article 262841.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows XP:

Windowsxp-kb837001-x86-enu /passive /quiet

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows XP:

Windowsxp-kb837001-x86-enu /norestart

For information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Restart Requirement

In some cases, this update does not require a reboot. The installer stops the needed services, applies the update, and then restarts the services. However, if the needed services cannot be stopped for any reason, or if required files are in use, this update will require a reboot. If this occurs, a message is displayed that advises you to reboot.

Removal Information

To remove this update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB837001$\Spuninst folder. The Spuninst.exe utility supports the following setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

File Information

The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows XP Home Edition, Windows XP Professional, Windows XP Home Edition Service Pack 1, Windows XP Professional Service Pack 1, Windows XP Tablet PC Edition, and Windows XP Media Center Edition:

Date Time Version Size File name Folder
------------------------------------------------------------------------
03/01/2004 18:55 3.60.8618.0 561,179 Dao360.dll (pre-sp1)
03/16/2004 18:44 6.0.72.9589 380,957 Expsrv.dll (pre-sp1)
03/01/2004 18:55 4.0.6807.0 512,029 Msexch40.dll (pre-sp1)
03/01/2004 18:55 4.0.8618.0 319,517 Msexcl40.dll (pre-sp1)
03/16/2004 18:44 4.0.8618.0 1,507,356 Msjet40.dll (pre-sp1)
03/01/2004 18:52 4.0.8227.0 358,976 Msjetoledb40.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 151,583 Msjint40.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 53,279 Msjter40.dll (pre-sp1)
03/01/2004 18:55 4.0.8618.0 241,693 Msjtes40.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 213,023 Msltus40.dll (pre-sp1)
03/01/2004 18:55 4.0.8015.0 348,189 Mspbde40.dll (pre-sp1)
03/01/2004 18:55 4.0.7328.0 421,919 Msrd2x40.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 315,423 Msrd3x40.dll (pre-sp1)
03/01/2004 18:55 4.0.8015.0 552,989 Msrepl40.dll (pre-sp1)
03/01/2004 18:55 4.0.8015.0 258,077 Mstext40.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 831,519 Mswdat10.dll (pre-sp1)
03/01/2004 18:55 4.0.6508.0 614,431 Mswstr10.dll (pre-sp1)
03/01/2004 18:55 4.0.8025.0 348,189 Msxbde40.dll (pre-sp1)
03/16/2004 18:44 6.0.1.9431 30,749 Vbajet32.dll (pre-sp1)
03/01/2004 18:55 3.60.8618.0 561,179 Dao360.dll (with sp1)
01/10/2004 11:37 6.0.72.9589 380,957 Expsrv.dll (with sp1)
03/01/2004 18:55 4.0.6807.0 512,029 Msexch40.dll (with sp1)
03/01/2004 18:55 4.0.8618.0 319,517 Msexcl40.dll (with sp1)
03/16/2004 18:44 4.0.8618.0 1,507,356 Msjet40.dll (with sp1)
03/01/2004 18:52 4.0.8227.0 358,976 Msjetoledb40.dll (with sp1)
03/16/2004 17:38 4.0.6508.0 151,583 Msjint40.dll (with sp1)
01/10/2004 11:36 4.0.6508.0 53,279 Msjter40.dll (with sp1)
03/01/2004 18:55 4.0.8618.0 241,693 Msjtes40.dll (with sp1)
01/10/2004 11:36 4.0.6508.0 213,023 Msltus40.dll (with sp1)
03/01/2004 18:55 4.0.8015.0 348,189 Mspbde40.dll (with sp1)
01/10/2004 11:36 4.0.7328.0 421,919 Msrd2x40.dll (with sp1)
01/10/2004 11:36 4.0.6508.0 315,423 Msrd3x40.dll (with sp1)
03/01/2004 18:55 4.0.8015.0 552,989 Msrepl40.dll (with sp1)
03/01/2004 18:55 4.0.8015.0 258,077 Mstext40.dll (with sp1)
01/10/2004 11:36 4.0.6508.0 831,519 Mswdat10.dll (with sp1)
03/16/2004 17:38 4.0.6508.0 614,431 Mswstr10.dll (with sp1)
03/01/2004 18:55 4.0.8025.0 348,189 Msxbde40.dll (with sp1)
03/16/2004 18:44 6.0.1.9431 30,749 Vbajet32.dll (with sp1)

Windows XP 64-Bit Edition Service Pack 1:

Date Time Version Size File name Platform
-------------------------------------------------------------------------
01/09/2004 23:11 6.0.0.8481 1,210,368 Expsrv.dll IA64
02/23/2004 23:07 3.60.8618.0 561,179 Wdao360.dll IA64
01/10/2004 11:37 6.0.72.9598 380,957 Wexpsrv.dll IA64
01/10/2004 11:36 4.0.6807.0 512,029 Wmsexch40.dll IA64
02/23/2004 23:07 4.0.8618.0 319,517 Wmsexcl40.dll IA64
02/23/2004 23:07 4.0.8618.0 1,507,356 Wmsjet40.dll IA64
01/09/2004 23:09 4.0.8227.0 358,976 Wmsjetoledb40.dll IA64
03/16/2004 17:38 4.0.6508.0 151,583 Wmsjint40.dll IA64
01/10/2004 11:36 4.0.6508.0 53,279 Wmsjter40.dll IA64
02/23/2004 23:07 4.0.8618.0 241,693 Wmsjtes40.dll IA64
01/10/2004 11:36 4.0.6508.0 213,023 Wmsltus40.dll IA64
01/10/2004 11:36 4.0.8015.0 348,189 Wmspbde40.dll IA64
01/10/2004 11:36 4.0.7328.0 421,919 Wmsrd2x40.dll IA64
01/10/2004 11:36 4.0.6508.0 315,423 Wmsrd3x40.dll IA64
01/10/2004 11:36 4.0.8015.0 552,989 Wmsrepl40.dll IA64
01/10/2004 11:36 4.0.8015.0 258,077 Wmstext40.dll IA64
01/10/2004 11:36 4.0.6508.0 831,519 Wmswdat10.dll IA64
03/16/2004 17:38 4.0.6508.0 614,431 Wmswstr10.dll IA64
01/10/2004 11:36 4.0.8025.0 348,189 Wmsxbde40.dll IA64
01/10/2004 11:37 6.0.1.9431 30,749 Wvbajet32.dll IA64

Windows XP 64-Bit Edition Version 2003:

Date Time Version Size File name Platform Folder
--------------------------------------------------------------------------------
03/27/2004 18:42 6.0.0.8481 1,210,368 Expsrv.dll IA64 RTMGDR
03/07/2004 03:14 3.60.8618.0 561,179 Wdao360.dll IA64 RTMGDR\WOW
03/07/2004 03:14 6.0.72.9589 380,957 Wexpsrv.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 319,517 Wmsexcl40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 1,507,356 Wmsjet40.dll IA64 RTMGDR\WOW
02/17/2004 05:15 4.0.8227.0 358,976 Wmsjetoledb40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8618.0 241,693 Wmsjtes40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 348,189 Wmspbde40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.7328.0 421,919 Wmsrd2x40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 552,989 Wmsrepl40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8015.0 258,077 Wmstext40.dll IA64 RTMGDR\WOW
03/07/2004 03:14 4.0.8025.0 348,189 Wmsxbde40.dll IA64 RTMGDR\WOW
03/27/2004 18:42 6.0.0.8481 1,210,368 Expsrv.dll IA64 RTMQFE
03/07/2004 03:07 3.60.8618.0 561,179 Wdao360.dll IA64 RTMQFE\WOW
03/07/2004 03:07 6.0.72.9589 380,957 Wexpsrv.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8118.0 319,517 Wmsexcl40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8118.0 1,507,356 Wmsjet40.dll IA64 RTMQFE\WOW
12/01/2003 23:28 4.0.8227.0 358,976 Wmsjetoledb40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8618.0 241,693 Wmsjtes40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 348,189 Wmspbde40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.7328.0 421,919 Wmsrd2x40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 552,989 Wmsrepl40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8015.0 258,077 Wmstext40.dll IA64 RTMQFE\WOW
03/07/2004 03:07 4.0.8025.0 348,189 Wmsxbde40.dll IA64 RTMQFE\WOW

Note The Windows XP and Windows XP 64-Bit Edition Version 2003 versions of this security update are packaged as dual-mode packages, which contain files for both the original version of Windows XP and Windows XP Service Pack 1 (SP1). For additional information about dual-mode packages, see Microsoft Knowledge Base Article 328848.

When you install the Windows XP 64-Bit Edition Version 2003 security update, the installer checks to see if any of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE files to your system. Otherwise, the installer copies the RTMGDR files to your system. For more information, see Microsoft Knowledge Base Article 824994.

Verifying Update Installation

To verify that a security update is installed on an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool, which allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.

You may also be able to verify the files that this security update has installed by reviewing the following registry keys:

For Windows XP Home Edition, Windows XP Professional, Windows XP Home Edition Service Pack 1, Windows XP Professional Service Pack 1, Windows XP 64-Bit Edition Service Pack 1, Windows XP Tablet PC Edition, and Windows XP Media Center Edition:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\KB837001\Filelist

For Windows XP 64-Bit Edition Version 2003:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP1\KB837001\Filelist

Note This registry key may not be created correctly if an administrator or an OEM integrates or slipstreams the 837001 security update into the Windows installation source files.

Windows 2000 (all versions)

Prerequisites For Windows 2000, this security update requires Service Pack 2 (SP2), Service Pack 3 (SP3), or Service Pack 4 (SP4).

The software that is listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the Microsoft Support Lifecycle Web site.

For more information about how to obtain the latest service pack, see Microsoft Knowledge Base Article 260910.

Inclusion in Future Service Packs: The update for this issue will be included in Windows 2000 Service Pack 5.

Installation Information

This security update supports the following setup switches:

/help                 Displays the command-line options

Setup Modes

/quiet            Use Quiet mode (no user interaction or display)

/passive            Unattended mode (progress bar only)

/uninstall          Uninstalls the package

Restart Options

/norestart          Do not restart when installation is complete

/forcerestart      Restart after installation

Special Options

/l           Lists installed Windows hotfixes or update packages

/o          Overwrite OEM files without prompting

/n          Do not backup files needed for uninstall

/f           Force other programs to close when the computer shuts down

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that are used by the previous version of the Setup utility. For more information about the supported installation switches, view Microsoft Knowledge Base Article 262841.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, and Windows 2000 Service Pack 4:

Windows2000-kb837001-x86-enu /passive /quiet

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, and Windows 2000 Service Pack 4:

Windows2000-kb837001-x86-enu /norestart

For information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Restart Requirement

In some cases, this update does not require a reboot. The installer stops the needed services, applies the update, and then restarts the services. However, if the needed services cannot be stopped for any reason, or if required files are in use, this update will require a reboot. If this occurs, a message is displayed that advises you to reboot.

Removal Information

To remove this update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB837001$\Spuninst folder and supports the following setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

File Information

The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Note Date and time information could change during installation. Version, size, and file name information should be used to determine the correctness of files.

Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, and Windows 2000 Service Pack 4:

Date Time Version Size File name
------------------------------------------------------
03/01/2004 19:58 3.60.8618.0 561,424 Dao360.dll
09/27/2003 01:12 6.0.72.9589 380,957 Expsrv.dll
09/27/2003 01:12 4.0.6807.0 512,272 Msexch40.dll
03/01/2004 19:58 4.0.8618.0 319,760 Msexcl40.dll
03/01/2004 19:58 4.0.8618.0 1,507,600 Msjet40.dll
02/18/2004 12:26 4.0.8227.0 352,528 Msjetoledb40.dll
09/27/2003 01:12 4.0.6508.0 151,824 Msjint40.dll
09/27/2003 01:12 4.0.6508.0 53,520 Msjter40.dll
03/01/2004 19:58 4.0.8618.0 241,936 Msjtes40.dll
09/27/2003 01:12 4.0.6508.0 213,264 Msltus40.dll
09/27/2003 01:12 4.0.8015.0 348,432 Mspbde40.dll
09/27/2003 01:12 4.0.7328.0 422,160 Msrd2x40.dll
09/27/2003 01:12 4.0.6508.0 315,664 Msrd3x40.dll
09/27/2003 01:12 4.0.8015.0 553,232 Msrepl40.dll
09/27/2003 01:12 4.0.8015.0 258,320 Mstext40.dll
09/27/2003 01:13 4.0.6508.0 831,760 Mswdat10.dll
09/27/2003 01:13 4.0.6508.0 614,672 Mswstr10.dll
09/27/2003 01:12 4.0.8025.0 348,432 Msxbde40.dll
09/27/2003 01:12 6.0.1.9431 30,749 Vbajet32.dll

Verifying Update Installation

To verify that a security update is installed on an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool, which allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.

You may also be able to verify the files that this security update has installed by reviewing the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB837001\Filelist

Note This registry key may not be created correctly if an administrator or an OEM integrates or slipstreams the 837001 security update into the Windows installation source files.

Windows NT 4.0 (all versions)

Prerequisites This security update requires Windows NT Workstation 4.0 Service Pack 6a (SP6a), Windows NT Server 4.0 Service Pack 6a (SP6a), or Windows NT Server 4.0 Terminal Server Edition Service Pack 6 (SP6).

The software that is listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

For more information on obtaining the latest service pack, see Microsoft Knowledge Base Article 152734.

Installation Information

This security update supports the following setup switches:

/q          Specifies quiet mode, or suppresses prompts, when files are being extracted

/t:path  Specifies the target folder for extracting files

/c          Extracts the files without installing them. If /t:path is not specified, you are prompted for a target folder

/c:path  Specifies the path and name of the Setup .inf or .exe file

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows NT 4.0:

Jet40-KB837001-ENU /q

Restart Requirement

You must restart your computer to complete the installation. You do not have to use an administrator logon after the computer restarts.

Removal Information

This update cannot be uninstalled.

File Information

The English version of this security update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Note Date and time information could change during installation. Version, size, and file name information should be used to determine the correctness of files.

Windows NT Workstation 4.0 and Windows NT Server 4.0:

Date Time Version Size File name
------------------------------------------------------
03/18/2004 19:23 3.60.8618.0 568,040 Dao360.dll
06/02/2003 17:14 6.0.72.9589 387,680 Expsrv.dll
06/02/2003 17:15 4.0.6807.0 518,752 Msexch40.dll
03/18/2004 19:23 4.0.8618.0 326,376 Msexcl40.dll
03/18/2004 19:23 4.0.8618.0 1,514,216 Msjet40.dll
03/18/2004 19:23 4.0.8227.0 359,152 Msjetoledb40.dll
12/02/2003 22:59 4.0.6508.0 158,256 Msjint40.dll
06/02/2003 17:14 4.0.6508.0 60,000 Msjter40.dll
03/18/2004 19:23 4.0.8618.0 248,552 Msjtes40.dll
06/02/2003 17:14 4.0.6508.0 219,744 Msltus40.dll
11/12/2003 21:16 4.0.8015.0 354,856 Mspbde40.dll
06/02/2003 17:15 4.0.7328.0 428,640 Msrd2x40.dll
06/02/2003 17:14 4.0.6508.0 322,144 Msrd3x40.dll
11/12/2003 21:16 4.0.8015.0 559,656 Msrepl40.dll
11/12/2003 21:16 4.0.8015.0 264,744 Mstext40.dll
06/02/2003 17:15 4.0.6508.0 838,240 Mswdat10.dll
12/02/2003 23:00 4.0.6508.0 621,104 Mswstr10.dll
11/12/2003 21:16 4.0.8025.0 354,856 Msxbde40.dll
12/03/2003 17:56 4.0.6205.0 60,224 Odbcji32.dll
11/12/2003 21:16 4.0.6205.0 285,224 Odbcjt32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Oddbse32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odexl32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odfox32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odpdx32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odtext32.dll
06/02/2003 17:14 6.0.1.9431 37,472 Vbajet32.dll

Windows NT Server 4.0 Terminal Server Edition:

Date Time Version Size File name
-------------------------------------------------------
03/18/2004 19:23 3.60.8618.0 568,040 Dao360.dll
06/02/2003 17:14 6.0.72.9589 387,680 Expsrv.dll
06/02/2003 17:15 4.0.6807.0 518,752 Msexch40.dll
03/18/2004 19:23 4.0.8618.0 326,376 Msexcl40.dll
03/18/2004 19:23 4.0.8618.0 1,514,216 Msjet40.dll
03/18/2004 19:23 4.0.8227.0 359,152 Msjetoledb40.dll
12/02/2003 22:59 4.0.6508.0 158,256 Msjint40.dll
06/02/2003 17:14 4.0.6508.0 60,000 Msjter40.dll
03/18/2004 19:23 4.0.8618.0 248,552 Msjtes40.dll
06/02/2003 17:14 4.0.6508.0 219,744 Msltus40.dll
11/12/2003 21:16 4.0.8015.0 354,856 Mspbde40.dll
06/02/2003 17:15 4.0.7328.0 428,640 Msrd2x40.dll
06/02/2003 17:14 4.0.6508.0 322,144 Msrd3x40.dll
11/12/2003 21:16 4.0.8015.0 559,656 Msrepl40.dll
11/12/2003 21:16 4.0.8015.0 264,744 Mstext40.dll
06/02/2003 17:15 4.0.6508.0 838,240 Mswdat10.dll
12/02/2003 23:00 4.0.6508.0 621,104 Mswstr10.dll
11/12/2003 21:16 4.0.8025.0 354,856 Msxbde40.dll
12/03/2003 17:56 4.0.6205.0 60,224 Odbcji32.dll
11/12/2003 21:16 4.0.6205.0 285,224 Odbcjt32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Oddbse32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odexl32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odfox32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odpdx32.dll
11/12/2003 21:15 4.0.6205.0 27,464 Odtext32.dll
06/02/2003 17:14 6.0.1.9431 37,472 Vbajet32.dll

Verifying Update Installation

To verify that a security update is installed on an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool, which allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.

You can also compare the file versions of the files installed on your computer to the file versions found in the Security Update Information section.
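The version comparison described above, scripted as an added example (not Microsoft's code): it parses rows copied from the Windows NT 4.0 file table and checks a host inventory against them as minimum versions, since the bulletin lists attributes "or later". The inventory values and all function names are constructed for illustration.

```python
import re

# Rows copied from the bulletin's Windows NT 4.0 table (date, time, version, size, name).
BULLETIN_TABLE = """\
03/18/2004 19:23 3.60.8618.0 568,040 Dao360.dll
03/18/2004 19:23 4.0.8618.0 1,514,216 Msjet40.dll
03/18/2004 19:23 4.0.8227.0 359,152 Msjetoledb40.dll
03/18/2004 19:23 4.0.8618.0 248,552 Msjtes40.dll
"""

ROW = re.compile(r"^\S+ \S+ (\d+(?:\.\d+){1,3}) ([\d,]+) (\S+)$")

def parse_version(text):
    """Turn '4.0.8618.0' into (4, 0, 8618, 0) so comparison is numeric, not lexical."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def parse_table(text):
    """Return {lowercased file name: minimum version tuple} from bulletin table rows."""
    baseline = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:  # header, separator and blank lines do not match
            baseline[m.group(3).lower()] = parse_version(m.group(1))
    return baseline

def audit(baseline, inventory):
    """Classify each baseline file as 'ok', 'outdated' or 'missing' on the host."""
    installed = {name.lower(): ver for name, ver in inventory.items()}
    report = {}
    for name, required in baseline.items():
        have = installed.get(name)
        if have is None:
            report[name] = "missing"
        else:  # the bulletin lists attributes "or later"
            report[name] = "ok" if parse_version(have) >= required else "outdated"
    return report

# Constructed inventory for one host (file name -> version string), not real data.
SAMPLE_INVENTORY = {
    "MSJET40.DLL": "4.0.8015.0",        # older than the listed 4.0.8618.0
    "dao360.dll": "3.60.8618.0",        # exactly the listed version
    "Msjetoledb40.dll": "4.0.10000.0",  # later; a string compare would misjudge this
}

if __name__ == "__main__":
    for name, status in sorted(audit(parse_table(BULLETIN_TABLE), SAMPLE_INVENTORY).items()):
        print(f"{name:20} {status}")
```

A file reported as missing may simply be absent from the collected inventory, so confirm on the host before treating it as unpatched.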

Other Information

Acknowledgments

Microsoft thanks the following for working with us to help protect customers:

  • Matt Thompson of Aberdeen IT for reporting the Jet Vulnerability (CAN-2004-0197).

Obtaining other security updates:

Updates for other security issues are available from the following locations:

  • Security updates are available from the Microsoft Download Center: you can find them most easily by doing a keyword search for “security_patch”.
  • Updates for consumer platforms are available from the Windows Update Web site.

Support:

  • Customers in the U.S. and Canada can get technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
  • International customers can get support from their local Microsoft subsidiaries. There is no charge for support associated with security updates. For more information on how to contact Microsoft for support issues, visit the International Support Web site.

Security Resources:

Software Update Services (SUS):

Microsoft Software Update Services (SUS) enables administrators to quickly and reliably deploy the latest critical updates and security updates to Windows® 2000 and Windows Server™ 2003-based servers, as well as to desktop systems running Windows 2000 Professional or Windows XP Professional.

For information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Systems Management Server (SMS):

Systems Management Server can provide assistance deploying this security update. For information about Systems Management Server, visit the SMS Web site. For detailed information about the many enhancements to the security update deployment process that SMS 2003 provides, please visit the SMS 2003 Security Patch Management Web site. For users of SMS 2.0, several additional tools are also available to assist administrators in the deployment of security updates, such as the SMS 2.0 Software Update Services Feature Pack and the SMS 2.0 Administration Feature Pack. The SMS 2.0 Software Update Services Feature Pack utilizes the Microsoft Baseline Security Analyzer and the Microsoft Office Detection Tool to provide broad support for security bulletin remediation. Some software updates may require administrative rights following a restart of the computer.

Note The inventory capabilities of the SMS 2.0 Software Update Services Feature Pack may be used for targeting updates to specific computers, and the SMS 2.0 Administration Feature Pack's Elevated Rights Deployment Tool can be used for installation. This provides optimal deployment for updates that require explicit targeting using Systems Management Server and administrative rights after the computer has been restarted.

Disclaimer:

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions:

  • V1.0 April 13, 2004: Bulletin published
  • V2.0 May 11, 2004: Microsoft has released a revised version of the Windows XP security update that contains the correctly localized optional Jet error strings
