COMMAND

    java (MS VM)

SYSTEMS AFFECTED

    Microsoft VM, all builds in the 2000 and 3000 series

PROBLEM

    Following info is based on  the Microsoft Security Bulletin.   The
    Microsoft  VM  is  a  virtual  machine  for the Win32(r) operating
    environment.  It runs atop  Microsoft Windows(r) 95, 98 or Windows
    NT(r). It ships  as part of  each operating system,  and also   as
    part of Microsoft Internet Explorer.  The version of the Microsoft
    VM that ships  with Microsoft Internet  Explorer 4.0 and  Internet
    Explorer 5.0 contains a security vulnerability that could allow  a
    Java applet to operate outside  the bounds set by the  sandbox and
    take any  desired action   on the  user's computer.   If such   an
    applet  were  hosted  on  a  web  site,  it  could act against the
    computer of any user who visited the site.

    NOTE: The affected versions shipped primarily as part of  Internet
    Explorer  4.0  and  5.   Microsoft  acknowledges  Xerox  PARC  for
    bringing this issue to their attention.

SOLUTION

    Patch Availability:

        http://www.microsoft.com/java/vm/dl_vm32.htm