Free web client security ms01 software for windows

The Web Client Security Update for Office 2000 protects you from a vulnerability in Office 2000 that can allow login information to be sent over the Internet. Malicious Web site operators could deceive users into browsing to a Web page or server that captures login information without permission or verification of credentials from the user. This update prevents user credentials from being sent unless users grant express permission consistent with their browser settings. To use the Web Client Security Update, you must have installed Office 2000 Service Release 1a (SR-1a). You also need to have Microsoft Internet Explorer version 5.0 or later installed on your computer for this update to work. You can download the latest version of Internet Explorer for free from the Internet Explorer Home page on Microsoft.com. Works with: Word 2000 SR-1, Excel 2000 SR-1, Outlook 2000 SR-1, PowerPoint 2000 SR-1, Access 2000 SR-1, FrontPage 2000 SR-1, Publisher 2000 SR-1, PhotoDraw 2000 (Versions 1 and 2), and Microsoft Project 2000. Languages Supported: US English, International English, Basque, Simplified Chinese, Traditional Chinese, Croatian, Czech, Danish, Dutch, French, German, Greek, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Brazilian Portuguese, Iberian Portuguese, Romanian, Russian, Spanish, Swedish, and Turkish. There is no Uninstall feature included with this download.

IIS 5.0 Cumulative Security Update MS01-044 is a software which includes every update released for Internet Information Server (IIS) 5.0 and is discussed in Microsoft Security Bulletin MS01-044. This update addresses four new vulnerabilities: two security vulnerabilities that could enable a malicious user to temporarily disrupt the service of IIS 5.0; and two security vulnerabilities that could enable a malicious user to gain unauthorized privileges on your Web server.

Instructions:

1. Click the Download link to start the download, or choose a different language from the drop-down list and click Go.Do one of the following:
   • To start the installation immediately, click Open or Run this program from its current location.
   • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
2. Once saved you will need to open the .exe file to run the program.

Requirements: Windows 2000

Web Client Software Factory - June 2007 1.1 is released as a simple yet effective guidance which allows architects and developers to create composite Web client applications.

Requirements: Windows XP/2003 Server/Vista

Web Client Software Factory - January 2007 1 is such an easy-to-use and handy guidance which enables architects and developers to create composite Web client applications.

Requirements: Windows XP/2003 Server

Microsoft Forefront Client Security provides unified malware protection for business desktops, laptops, and server operating systems that is easy to manage and control.
Built on the same highly successful Microsoft protection technology already used by millions of people worldwide, Forefront Client Security helps guard against emerging threats, such as spyware and rootkits, as well as against traditional threats, such as viruses, worms, and Trojan horses.
By delivering simplified administration through central management and providing critical visibility into threats and vulnerabilities, Forefront Client Security helps you protect your business with confidence and efficiency. Forefront Client Security integrates with your existing infrastructure software, such as Active Directory, and complements other Microsoft security technologies for protection and control
Supported Operating Systems: Windows Server 2003 R2 Enterprise Edition (32-Bit x86); Windows Server 2003 R2 Standard Edition (32-bit x86); Windows Server 2003 Service Pack 2

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 is regarded as an innovative and versatile patch which eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me.

The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a Web server.

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via Web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed. Instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's Web site, either by browsing to the site or by opening an HTML mail that initiated a session with it, an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute-force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources.

The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system.

However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system.

Frequently asked questions regarding this vulnerability can be found here.