This update resolves the "Network DDE Agent Request" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-007. Download now to increase security and help prevent a malicious user from running code to take control of your computer.

Network Dynamic Data Exchange (DDE) enables applications on different computers running Windows to dynamically share data through channels called trusted shares. Trusted shares are managed by a service called the Network DDE Agent. On computers running Windows 2000, the Network DDE Agent runs using the Local System security context, rather than the security context of the user. Because Local System security allows a piece of code to function as part of the operating system, a malicious user, with the ability to run code on the affected computer, could exploit the vulnerability to run commands and programs by using the privileges of the operating system itself. This could allow the malicious user to take virtually any action on the computer.

For more information about this vulnerability, please read Microsoft Security Bulletin MS01-007. (This site is in English.)

• Windows 2000 Professional
• Windows 2000 Server
• Windows 2000 Advanced Server

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Select Windows 2000 Hotfix (Pre-SP3) [See Q285851 for more information], and click Change/Remove to uninstall.