How to Obtain and Download the Update
IMPORTANT: Microsoft requires that you download and install the FrontPage
2002 Server Extensions Security Update: January 29, 2002, before you install
the update described in this article.
For additional information about how to
download and install the FrontPage 2002 Server Extensions Security Update that
was released on January 29, 2002, click the article number below to view the
article in the Microsoft Knowledge Base:
317296�
Overview of the FrontPage 2002 Server Extension Update
How to Download and Install the Update
To obtain the FrontPage 2002 Server Extensions Security Update:
September 25, 2002, visit the following Microsoft Web site:
When you receive a prompt to download or save the file, select to
save the file to your desktop. To install the update, double-click the
Fpse1002.exe file on your desktop, and then follow the instructions for the
installation.
How to Determine Whether the Public Update Is Installed
The following files are updated by the FrontPage Server
Extensions update:
Date Time Version Size File Name Platform
-----------------------------------------------------------------
02-Aug-2002 13:53 10.0.4330.0 1,382,984 Fp5awel.dll x86
Issues Fixed by the Update
A Chunked Request Sent to the Shtml.dll File Causes a Heap Overflow
A specially malformed chunked request sent to the FrontPage
Server Extensions Smart HTML Interpreter (Shtml.dll) can cause a heap overflow
in Microsoft Internet Information Server (IIS).
For additional
information about security vulnerability, click the article number below to
view the article in the Microsoft Knowledge Base:
324096�
MS02-053: Request to Smart HTML Interpreter Could Monopolize Web Server CPU Resources