-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Alert SA05-347A
Microsoft Internet Explorer Vulnerabilities
Original release date: December 13, 2005
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
For more complete information, refer to the Microsoft Security
Bulletin Summary for December 2005.
Overview
Microsoft has released updates that address critical
vulnerabilities in Internet Explorer.
Solution
Apply Updates
Microsoft has released security updates for Internet Explorer. To
obtain the updates, visit the Microsoft Update web site. US-CERT
also recommends enabling Automatic Updates.
Disable ActiveX
Instructions for disabling ActiveX controls in the Internet Zone
can be found in the Malicious Web Scripts FAQ.
Do not follow unsolicited links
Do not click on unsolicited URLs received in email, instant
messages, web forums, or internet relay chat (IRC) channels.
Description
Microsoft Security Bulletins for December 2005 address
vulnerabilities in Internet Explorer. These vulnerabilities may
allow an attacker to take control of your computer or cause it to
crash. For more technical information, see US-CERT Technical Cyber
Security Alert TA05-347A.
References
* Microsoft Security Bulletin Summary for December 2005 - <
http://www.microsoft.com/technet/security/bulletin/ms05-dec.mspx>
* US-CERT Vulnerability Note VU#887861 -
<http://www.kb.cert.org/vuls/id/887861>
* US-CERT Vulnerability Note VU#959049 -
<http://www.kb.cert.org/vuls/id/959049>
* US-CERT Vulnerability Note VU#680526 -
<http://www.kb.cert.org/vuls/id/680526>
* US-CERT Technical Cyber Security Alert TA05-347A -
<http://www.us-cert.gov/cas/techalerts/TA05-347A.html>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate>
* Microsoft Update Overview -
<http://www.microsoft.com/technet/prodtechnol/microsoftupdate/defa
ult.mspx>
* CERT/CC Malicious Web Scripts FAQ -
<http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56>
* Improve the safety of your browsing and e-mail activities-
<http://www.microsoft.com/athome/security/online/browsing_safety.m
spx>
* Microsoft Security Essentials -
<http://www.microsoft.com/athome/security/protect/default.aspx>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA05-347A.html>
_________________________________________________________________
Feedback can be directed to US-CERT. Please send email to:
<cert@cert.org> with "SA05-347A Feedback VU#887861" in the subject.
_________________________________________________________________
Revision History
Dec 13, 2005: Initial release
_________________________________________________________________
Produced 2005 by US-CERT, a government organization.
Terms of use
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQ59OBn0pj593lg50AQJTvAgAstsmk+yyrOIZu8+c1tAi8za08xyXzKFH
S2pre7Y4loz48Fy0fL8bg6O3Z78nDguHR0cNQ+Rk0g8SPW3KJHp49XQX1nRDSyPq
JQ09l794sKKJY3uEkspbL2/1pNCx+6TnG1TCFPZGue16+x5OL8MEigEnDdswUEs6
hTDOr4oxgtEvWf/x+fXpodP5CTNybSvRcp36kCuQKxhDAqufrNEA8r9Ndlun7Wk2
zjHb5Xfq4OxoFo/REDlwsUJ6Z39JipvmDHgYSXEWqGBSi76kTmM8ZPCR/BxtKRoC
F/xo2Yqu+CcnmU9pUPVZpgwPC6JSKvswmzPDb0ODfL+CDQeXv9KjxQ==
=bxMS
-----END PGP SIGNATURE-----
