An identified security vulnerability could allow an attacker to compromise Microsoft® Windows®-based systems and then take any of a variety of actions, such as changing Web pages or reformatting your hard disk. You can help eliminate this issue by installing this update from Microsoft.

Who needs to apply this update?

Anyone using Microsoft Windows 2000, Windows Me, Windows 98 SE, Windows 98, or Microsoft Windows NT® 4.0 needs the update. Windows XP is not affected by this issue. At greatest risk are systems that operate Web sites using Microsoft Internet Information Services (IIS) and anyone who browses the Web using Microsoft Internet Explorer.

Two types of computers are at particular risk. If either of the following describes your computer, you should install the patch immediately:

• Computers that are used to browse the Web or read e-mail. Most workstations and laptop computers fall into this category.
• Computers that host Web sites using IIS.

Which versions of Windows are eligible for the update?

Updates are available for the following Windows versions. Earlier versions than those listed below are no longer supported and may or may not be affected by the vulnerability:

• Windows 2000
• Windows Millennium
• Windows 98
• Microsoft Windows NT® 4.0

Next Steps

Ready to install the update? Choose the appropriate next step for you:

• Get the update automatically with our Automatic Updates service.
• To read more technical information about this vulnerability, see the full Microsoft Security Bulletin.

Do I need this update?

To determine if you need this update:

• On the taskbar, click Start, and then click Run.
• In the Run dialog box, type Winver and click OK.

  The dialog box will display the version of Windows your computer is running. Click OK to close the dialog box. If you are running Windows 98, Windows Millennium, Windows NT 4.0, or Windows 2000, you need to install this patch. If you are running Windows XP, you do not need the patch.