Just a reminder, there are workarounds to solve this.
Cut-n-pasted from the vulnerability listing:
MDAC 2.1 includes the JET 4.0 driver which is not affected by this
vulnerability. It is available for download at:
http://www.microsoft.com/data/download.htm
Also, Wanderley J. Abreu Jr. <[EMAIL PROTECTED]> has written a
program that will search the registry and modify the EditFlags value for
DocObjects file types, setting the Confirm Open After Download value to
01. this means that these filetypes can no longer be silently downloaded
and opened. This can be downloaded from:
http://www.securityfocus.com/data/vulnerabilities/patches/RegFix.zip
Ben Greenbaum
SecurityFocus
www.securityfocus.com
