New Microsoft Critical Updates Prevent Remote Code Execution

UC Davis is urgently recommending that Windows users install the most recent Critical Updates issued by Microsoft on Tuesday, April 13, 2004. Some of these updates remove multiple vulnerabilities, many of which could allow an attacker to overwrite a program's code, changing its operation. If left unpatched, the vulnerabilities could also allow an attacker to gain full access to a system. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts.

One or more of the updates now available affect the following systems:

  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows NT Workstation
  • Windows NT Server 4.0
  • Windows NT Server 4.0, Terminal Server Edition
  • Windows 98
  • Windows 98 Second Edition (SE)
  • Windows Millennium Edition (Me)

It is highly recommended that users of these systems install the updates as soon as possible. To review and install updates, visit

For additional information about these vulnerabilities and the critical updates, see the Microsoft Security Bulletins.