This update resolves the "VM File Reading" security vulnerability in the Microsoft virtual machine (Microsoft VM). Download now to prevent a malicious Web site operator from reading – but not changing, adding, or deleting – the files on your computer or viewing the Web content inside your intranet.

Java applets (which are hosted on Web sites and run on the computers of visiting users) are run within the Microsoft VM, which uses a protected area on your computer called the "sandbox" to restrict what Java applets can do. Normally, the sandbox prevents a Java applet from performing inappropriate actions on a visiting user's computer. Through a complex series of steps, a malicious Web site operator can create a Java applet that can bypass the restrictions set by the sandbox, and read files on a visiting user's computer or view Web content within the visiting user's intranet.

For more information about this vulnerability, please read Microsoft Security Bulletin MS00-081. (This site is in English.)

This update is cumulative, and includes all fixes made in past Microsoft VM releases. For a complete list of updates included with Microsoft VM build 3802, view the list of fixes.

Note If you are running Windows 2000, you must install Service Pack 1 before downloading this update.