There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.

Affected software:
Windows NT® 4.0,
Windows NT 4.0,
Terminal Server Edition,
Windows 2000,
Windows XP,
Windows Server™ 2003

View: Microsoft Security Bulletin MS03-041