Help
Microsoft on Friday released a patch for Internet Explorer designed to close three critical holes in the browser, including one that paved the way for the Download.Ject Trojan horse.
http://zdnet.com.com/2100-1104_2-5290995.html
Everyone run out and patch their IE.
Regards,
John
Page 1 of 1
MS releases new IE security Patch
#1
- Forum Addict
-
- Group: Global Moderator
- Posts: 27,603
- Joined: 11-April 04
- Gender:Male
- Location:Chicago, Il.
Posted 30 July 2004 - 05:16 PM
Whereof one cannot speak, thereof one should be silent.
Back to top
#2
- Learning Daily
-
- Group: Members
- Posts: 4,543
- Joined: 09-July 04
- Location:Washington State, USA
Posted 30 July 2004 - 05:33 PM
I'm runnin' as fast as I can, jgweed...might have missed it with my auto-update disabled 
thank you.
thank you.
patiently patrolling, plenty of persisant pests n' problems ...
#3
- Security Reporter
-
- Group: Members
- Posts: 509
- Joined: 10-April 04
- Gender:Male
- Location:Roanoke, Virginia
Posted 31 July 2004 - 06:54 AM
Thanks for sharing and here's more below
MS04-025 Internet Explorer Critical Update (CRITICAL)
http://www.microsoft.com/technet/security/...n/MS04-025.mspx
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Download size: 2.8 MB
Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB867801)
A security issue has been identified that could allow an attacker to compromise a computer running Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft.
Resolves these key vulnerabilities
Navigation Method Cross-Domain Vulnerability - CAN-2004-0549
Malformed BMP File Buffer Overrun Vulnerability - CAN-2004-0566
Malformed GIF File Double Free Vulnerability - CAN-2003-1048
This is available from the Windows Update site:
http://www.microsoft.com/windowsupdate
MS04-025 Internet Explorer Critical Update (CRITICAL)
http://www.microsoft.com/technet/security/...n/MS04-025.mspx
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Download size: 2.8 MB
Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB867801)
A security issue has been identified that could allow an attacker to compromise a computer running Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft.
Resolves these key vulnerabilities
Navigation Method Cross-Domain Vulnerability - CAN-2004-0549
Malformed BMP File Buffer Overrun Vulnerability - CAN-2004-0566
Malformed GIF File Double Free Vulnerability - CAN-2003-1048
This is available from the Windows Update site:
http://www.microsoft.com/windowsupdate
#4
- Forum Addict
-
- Group: Global Moderator
- Posts: 27,603
- Joined: 11-April 04
- Gender:Male
- Location:Chicago, Il.
Posted 31 July 2004 - 10:08 AM
Do what I do, Phawgg, and subscribe to security Emails from both Microsoft and from US-Cert. Both are free, and between the two, you will not miss anything critical; then you can simply go to the links provided and download/install the security patches.
Regards,
John
Regards,
John
Whereof one cannot speak, thereof one should be silent.
#5
- Guru at being a Newbie
-
- Group: Malware Response Team
- Posts: 6,019
- Joined: 08-April 04
- Gender:Male
Posted 31 July 2004 - 11:11 AM
I'll second John on that there, phawgg. It's not a good idea to rely on MS's Automatic Updates anyway. Except I don't Subscribe to CERT--ehm, no comment on US guvment in our lives.
You can sign up for Microsoft Security Notification Service here:
http://www.microsoft.com/technet/security/...tin/notify.mspx
You can sign up for Microsoft Security Notification Service here:
http://www.microsoft.com/technet/security/...tin/notify.mspx
And I may be obliged to defend
Every love every ending
Or maybe there's no obligations now,
Maybe I've a reason to believe
We all will be received
In Graceland--Paul Simon
Every love every ending
Or maybe there's no obligations now,
Maybe I've a reason to believe
We all will be received
In Graceland--Paul Simon
#6
- Forum Addict
-
- Group: Global Moderator
- Posts: 27,603
- Joined: 11-April 04
- Gender:Male
- Location:Chicago, Il.
Posted 31 July 2004 - 06:42 PM
Information on US-Cert's role and responsibilities in the area of cyber security:
http://www.us-cert.gov/aboutus.html
I do not use the automatic update function, but prefer to download each update individually. That way I can save it to disk and have it handy in case I have to reload the OS, before I install it. I also make this disk of patches available to freinds who are still on dial-up.
Cheers,
John
http://www.us-cert.gov/aboutus.html
I do not use the automatic update function, but prefer to download each update individually. That way I can save it to disk and have it handy in case I have to reload the OS, before I install it. I also make this disk of patches available to freinds who are still on dial-up.
Cheers,
John
This post has been edited by jgweed: 31 July 2004 - 06:44 PM
Whereof one cannot speak, thereof one should be silent.
#7 Guest_brunt_*
Posted 31 July 2004 - 08:15 PM
you can slipstream all of those hotfixes and critical updates onto one disc with your xp cd!Thats what I did so when I install my os I dont have to download 50 updates there all saved to cd with xp! See here
http://www.theeldergeek.com/slipstream_01.htm
http://www.theeldergeek.com/slipstream_01.htm
Share this topic:
Page 1 of 1