Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA04-336A -- Update for Microsoft Internet

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA04-336A -- Update for Microsoft Internet Explorer
Date: Wed, 1 Dec 2004 18:05:51 -0500 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



                Cyber Security Alert SA04-336A

             Update for Microsoft Internet Explorer

   Original release date: December 1, 2004
   Last revised: --
   Source: US-CERT


Systems Affected

     * Internet Explorer versions 6.0 and later


Overview

     As previously mentioned in SA04-315A, an attacker may be able to
     take control of your computer by taking advantage of a
     vulnerability in Internet Explorer.


Solution

Apply the patch

     Microsoft has released an update to resolve this problem. Obtain
     the appropriate update from Windows Update or by using Automatic
     Updates.

Description

     There is a vulnerability in the way Internet Explorer processes
     certain HTML code. By exploiting the vulnerability, an attacker may
     be able to take control of your computer or cause Internet Explorer
     to crash.

     For additional details, see SA04-315A and TA04-315A.


References

     * Windows Security Update for December 2004 -
       <http://www.microsoft.com/security/bulletins/200412_windows.mspx>

     * US-CERT Cyber Security Alert SA04-315A -
       <http://www.us-cert.gov/cas/alerts/SA04-315A.html>

     * US-CERT Technical Cyber Security Alert TA04-315A -
       <http://www.us-cert.gov/cas/techalerts/TA04-315A.html>

     * Vulnerability Note VU#842160 -
       <http://www.kb.cert.org/vuls/id/842160>

     _________________________________________________________________

   Feedback can be directed to US-CERT.

   Send mail to <cert@cert.org>.

   Please include the Subject line "SA04-336A Feedback VU#842160".
     _________________________________________________________________

   Copyright 2004 Carnegie Mellon University. 

   Terms of use: <http://www.us-cert.gov/legal.html>
     _________________________________________________________________

   This document is available from  

   <http://www.us-cert.gov/cas/alerts/SA04-336A.html>
     ________________________________________________________________


   Revision History

   December 1, 2004: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQa5NAxhoSezw4YfQAQJ3NAf/W0xosQS1WwU0+F/EJERxwk5K7lL6NliG
d5PWCmfnYRScVht2154KHCm8sZ56tLPmsW6JQdYeSYASj0h2Gfd/rO2lWNbXOwD9
JjHKB47at6HiEQI/EIDFeLHo3vHE7H6Zb4fhqSfRHUTQwkDkDqdHW+w/Bn0/cXgH
BjrKYKbmH+DSwfsTQXbfvJFCrXQFzzOO5V8ikb62bjieMrhgZKTS/y4m2U5NTM0S
aamMTZvI7Amku8fEGkBs9zm+nUV++ljkmtRdTXkSY57vtQnnTEt0c3l8rMAVgaf2
40LsokOEYzMLjR0Yk+Mi2yAS+5yRgcVBi/E3E5AkSf/E1OPfJbu4Tg==
=xzDA
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA04-336A -- Update for Microsoft Internet Explorer, US-CERT Alerts <=
Indexes:  [Date] [Thread] [Top] [All Lists]