(MS08-041) Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)
Vulnerability Identifier: CVE-2008-2463
Discovery Date: Aug 12, 2008
Risk: Critical
Affected Software:
Microsoft Access Snapshot Viewer
Microsoft Office 2000 Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office XP Service Pack 3
Description:
This update resolves a vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. An attacker could exploit the vulnerability by constructing a specially crafted Web page which, when viewed by the user, could allow remote code execution, giving the attacker the same user rights as the logged-on user.
Patch Information:
Patches for this vulnerability can be downloaded from this Microsoft Web page.
Workaround Fixes:
Microsoft recommends disabling attempts to instantiate the COM object in Internet Explorer by setting the kill bit for the control in the registry. Internet Explorer may also be configured to prompt before running Active Scripting, or to disable Active Scripting, in the Internet and Local intranet security zones. Adding sites that you trust to the Internet Explorer Trusted sites zone is also suggested.