This update resolves the "Malformed Event Record" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-013. Download now to help prevent a malicious user from running unauthorized code on your computer.

The Windows 2000 Event Viewer snap-in, which plugs into Event Viewer to provide added functionality, has an unchecked buffer (a temporary data storage area) in a section of the code that displays event records. If a malicious user inserts a malformed record into the event log, it can either cause the Event Viewer to fail, or allow the malicious user's code to run on the affected computer.

Event Viewer tracks informational, warning, and error events. The event record logs that are recorded in Event Viewer include processes such as logon times and connection times.

For more information about this issue, read Microsoft Security Bulletin MS01-013. (This site is in English.)

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Select Windows 2000 Hotfix (Pre SP3) [See Q285156 for more information], and click Change/Remove to uninstall.