Two new security updates for Windows XP Service Pack 1 are now available. Security Update, February 14, 2002 (Internet Explorer 6) This is an updated version of Security Update, February 14, 2002. This update resolves the "Incorrect VBScript Handling in Internet Explorer can Allow Web Pages to Read Local Files" security vulnerability in Internet Explorer 6 and Windows XP or Windows 2000, and is discussed in Microsoft Security Bulletin MS02-009. Download now to prevent a malicious user from using an unauthorized Web site to read the contents of files on your local computer. Q329834: Security Update (Windows XP) This update resolves the "Unchecked Buffer in PPTP Implementation Could Enable Denial of Service" security vulnerability in Windows XP and Windows XP Service Pack 1 (SP1). Download now to prevent an attacker from disrupting service on a server that offers private networking and uses the PPTP protocol. The security vulnerability results in the Windows 2000 and Windows XP implementations because of an unchecked buffer in a section of code that processes the control data used to establish, maintain and tear down PPTP connections. By delivering specially malformed PPTP control data to an affected server, an attacker could corrupt kernel memory and cause the system to fail, disrupting any work in progress on the system.

WindowsUpdate