This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows XP, and is discussed in Microsoft Security Bulletin MS02-006. Download now to help prevent a malicious user from running code of his or her choice or launching a denial of service (DoS) attack on your computer.

The vulnerability exists because a component of the Simple Network Management Protocol (SNMP) agent service that interprets incoming commands contains an unchecked buffer (a temporary data storage area that has a limited capacity). By sending a specially malformed request, it is possible to carry out a buffer overrun attack against an affected system.

Note The SNMP service is neither installed nor running by default in any version of Windows.

For more information about this vulnerability, read Microsoft Security Bulletin MS02-006. (This site is in English.)

1. Click Start, and then click Control Panel.
2. Click Add/Remove Programs.
3. Select Windows XP Hotfix (SP1) [See Q314147 for more information], and then click Change/Remove.