Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA05-102A -- Multiple Vulnerabilities in Mi

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA05-102A -- Multiple Vulnerabilities in Microsoft Windows Components
Date: Tue, 12 Apr 2005 21:19:45 -0400 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                   Cyber Security Alert SA05-102A

      Multiple Vulnerabilities in Microsoft Windows Components


   Original release date: April 12, 2005
   Last revised: --
   Source: US-CERT


Systems Affected

   *  Microsoft Windows Systems
   
   For a complete list of affected versions of the Windows operating
   systems and components, refer to the April 2005 Updates for Windows,
   MSN Messenger, and Office.


Overview

     There are multiple vulnerabilities in Microsoft Windows, Internet
     Explorer, MSN Messenger, and Word.


Description

     There are vulnerabilities in Microsoft Windows, Internet Explorer,
     MSN Messenger, and Word that may allow an attacker to take control
     of your computer or cause it to crash. To exploit some of these
     vulnerabilities, an attacker may attempt to convince you to view a
     malicious web page, image, or Word document.

     For more technical information, see US-CERT Technical Alert
     TA05-102A.


Resolution

Apply an update

     Obtain the appropriate updates from Windows Update or by using
     Automatic Updates.

Do not follow unsolicited links

     Do not click on unsolicited links received in email, instant
     messages, web forums, or chat rooms. While this is generally a good
     security practice, following this behavior will not prevent the
     exploitation of these vulnerabilities in all cases.

Maintain updated anti-virus software

     Anti-virus software with updated virus definitions may identify and
     prevent some exploit attempts. Update your anti-virus software.
     More information about viruses and anti-virus vendors is available
     on the US-CERT Computer Virus Resources page.


References

     * Microsoft Security Bulletin Summary for April, 2005 -
       <http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>

     * US-CERT Technical Cyber Security Alert TA05-102A -
       <http://www.us-cert.gov/cas/techalerts/TA05-102A.html>

     * US-CERT Vulnerability Note VU#774338 -
       <http://www.kb.cert.org/vuls/id/774338>

     * US-CERT Vulnerability Note VU#756122 -
       <http://www.kb.cert.org/vuls/id/756122>

     * US-CERT Vulnerability Note VU#222050 -
       <http://www.kb.cert.org/vuls/id/222050>

     * US-CERT Vulnerability Note VU#633446 -
       <http://www.kb.cert.org/vuls/id/633466>

     * US-CERT Vulnerability Note VU#233754 -
       <http://www.kb.cert.org/vuls/id/233754>

     * US-CERT Vulnerability Note VU#442567 -
       <http://www.kb.cert.org/vuls/id/442567>

     * US-CERT Vulnerability Note VU#752591 -
       <http://www.kb.cert.org/vuls/id/752591>

     _________________________________________________________________

   Authors: Eric J. Hayes and Art Manion. Feedback can be directed to
   US-CERT. Send mail to <cert@cert.org>. Please include the subject
   line "SA05-102A Feedback VU#222050".
   _________________________________________________________________


   Copyright 2005 Carnegie Mellon University.

   Terms of use: <http://www.us-cert.gov/legal.html>

   _________________________________________________________________


   This document is available from

   <http://www.us-cert.gov/cas/alerts/SA05-102A.html>

   _________________________________________________________________


   Revision History

   April 12, 2005: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQlxzNxhoSezw4YfQAQIA2gf9GlzquXm7kq75VmjMVRjn8Vri5yiaSdZQ
qAv6NOLmgTXCh063pwIintChMq82rzuhnGYGwnaB/ELs1RzzrhENrOjdnSBdFk/Q
Q5ZSPRLvEwBCWBS72ODsw5vmab3b7OqCTJ/NLlvoGwDbmd2YgR2h1fwxfUNHXNau
eiahMtwCMIYnyJyTXxhCdCQXjD3LMCaFjkRWXOq9VaFMaex7FEnGLvwEToyV7aLp
QWmEZnY1vnsTR+kUiwR4VmRdxEizPD0uNB4DxtVGGztBuZnbVsIZ88iXhKd1uTHY
bykPk86/QQ+HsvjOfMeXELbOSDofa8sD+zcPO9I+qIXKosYPt4yPaw==
=xTDx
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA05-102A -- Multiple Vulnerabilities in Microsoft Windows Components, US-CERT Alerts <=
Indexes:  [Date] [Thread] [Top] [All Lists]