Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA05-165A -- Microsoft Windows and Internet

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA05-165A -- Microsoft Windows and Internet Explorer Vulnerabilities
Date: Tue, 14 Jun 2005 20:25:24 -0400 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                        National Cyber Alert System
          Microsoft Windows and Internet Explorer Vulnerabilities

   Original release date: June 14, 2005
   Last revised: --
   Source: US-CERT

Systems Affected

     Microsoft Windows and various Microsoft products, including Internet
     Explorer

Overview

     By taking advantage of vulnerabilities in various Microsoft
     products, an attacker may be able to stop affected programs or take
     control of your computer. Microsoft has released updates to address
     these issues.

Solution

Install Updates

     Microsoft has released security updates for Windows and Internet
     Explorer. To obtain the updates, visit the Windows Update web site.
     US-CERT also recommends enabling Automatic Updates.

Description

     There are problems with various Microsoft applications and
     features:

     * Help system - The HTML Help system is used by many Microsoft
       Windows applications. An attacker may be able to create a
       malicious help file that may allow him or her to gain control of
       your computer.

     * Image handling - Images can be saved in multiple formats,
       including .jpg, .gif, and .png. An attacker may be able to create
       a malicious image file that, if you view it, will allow him or her
       to stop affected programs or take control of your computer.

     * Networking - Microsoft Windows uses networking to allow your
       computer to talk to printers and other computers. A vulnerability
       in Windows networking may allow an attacker to take control of
       your computer.

     For more technical information, see US-CERT Technical Alert
     TA05-165A.

References
     
     * US-CERT Technical Cyber Security Alert TA05-165A -
       <http://www.us-cert.gov/cas/techalerts/TA05-165A.html>

     * Microsoft Security Bulletin Summary for June, 2005 -
       <http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx>
   _________________________________________________________________
 
   Author: Mindi McDowell. Feedback can be directed to US-CERT.
   _________________________________________________________________

   Revision History

   June 14, 2005: Initial release
   _________________________________________________________________

   This document is available from:

   <http://www.us-cert.gov/cas/alerts/SA05-165A.html> 

   Produced 2005 by US-CERT, a government organization. Terms of use 
   <http://www.us-cert.gov/legal.html>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQq90xhhoSezw4YfQAQI3iQf9Fe842rAMCL5LdBqRxBMqbqCbWwvSsAJc
oalk3vNHE1LI/MsQ76NT2NzYLQ78SZ+J03U9MzFZd/s5aJg0Wi80WRDsxLu2APn/
KkepDeVFOP1Dt/V/j4nGnVc+9D7n4R/1v39AV6S0RW5d6qDLJrGoO2hkBcf63Ow2
uzr/nWPnfl0ZWs0xbOX66RoiYpu8ZuRLAnOvpKY2YiJ3a+aVaiP2jzu0E4GD1Qhs
zoyB9FJG0SwyjokyQEft3B7VFHwbetoV5gfu93rV9pa2kF27iCZ6tTm1X7SnTxjk
VS6q24Qo2+j67uADIRZU7Mo4Ut7SeDbJ/BgQ2nv2Lo/+QvXFw4rSEQ==
=8A8x
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA05-165A -- Microsoft Windows and Internet Explorer Vulnerabilities, US-CERT Alerts <=
Indexes:  [Date] [Thread] [Top] [All Lists]