Surprise, surprise, surprise ... (use your Gomer voice)
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-065.aspMicrosoft Security Bulletin MS02-065
Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
Originally posted: November 20, 2002
Who should read this bulletin: Customers using Microsoft® Windows®, particularly those who operate web sites or browse the Internet.
Impact of vulnerability: Run code of attacker’s choice
Maximum Severity Rating: Critical
Recommendation: Users should apply the patch immediately.
Microsoft Data Access Components (MDAC) 2.1
Microsoft Data Access Components (MDAC) 2.5
Microsoft Data Access Components (MDAC) 2.6
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Note: The vulnerability does not affect Windows XP, despite the fact that it uses Internet Explorer 6.0. Windows XP customers do not need to take any action.