Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Vulnerability in the Windows FTP client, Vulnerabilidad en el cliente FTP de Windows|
It is a vulnerability on Windows 2003/XP computers and Internet Explorer version 6 on Windows 2000, which allows hackers to save a file that the affected user tries to download via the Windows FTP client in a location where it could have unexpected effects.
|First detected on:||Oct. 14, 2005|
|Detection updated on:||Oct. 14, 2005|
MS05-044 is not categorized as virus, worm, Trojan or backdoor. It is a moderate vulnerability on Windows 2003/XP computers and Internet Explorer 6 on Windows 2000, which allows the intended destination directory for a file transfer to be modified, if the user has chosen to transfer a file manually via FTP.
If exploited successfully, MS05-044 allows hackers to save a file that the affected user tries to download via the Windows FTP client in a location where it could have unexpected effects. For example, the Windows Startup directory, where it will be run whenever Windows is started.
This vulnerability is usually exploited by hosting a file with an specially-crafted file name on an FTP server and enticing users into downloading it via the Windows FTP client.
If you have a Windows 2003/XP/2000 computer, it is recommendable to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.