Buffer Overrun Occurs When You Start Winhlp32.exe Under NTSD

Article translations Article translations
Article ID: 293338 - View products that this article applies to.
This article was previously published under Q293338
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all


There is a buffer overrun in Winhelp32.exe. A malicious user can exploit this buffer overrun to run code in the user's security context. This permits the malicious user to perform any actions that a legitimate user can perform. A malicious user can exploit this vulnerability by using a malicious Web page or by using an HTML-based e-mail message.

By default, the HTML exploit is blocked if you are using Microsoft Outlook Express 6 or Microsoft Outlook 2002, or if you installed the Outlook E-mail Security Update in Microsoft Outlook 98 or Microsoft Outlook 2000.


To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack


Microsoft has confirmed that this is a problem in Microsoft Windows 2000. This problem was first corrected in Windows 2000 Service Pack 3.


Microsoft thanks Mark Litchfield of Next Generation Security Software Ltd. for reporting this issue.


Article ID: 293338 - Last Review: February 27, 2014 - Revision: 3.9
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
kbnosurvey kbarchive kbdownload kbdownload kbbug kbenv kbfix kbsecurity kbsysadmin kbwin2000sp3fix KB293338

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com