Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MS releases new IE security Patch


  • Please log in to reply
6 replies to this topic

#1 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:56 AM

Posted 30 July 2004 - 05:16 PM

Microsoft on Friday released a patch for Internet Explorer designed to close three critical holes in the browser, including one that paved the way for the Download.Ject Trojan horse.

http://zdnet.com.com/2100-1104_2-5290995.html

Everyone run out and patch their IE.

Regards,
John
Whereof one cannot speak, thereof one should be silent.

BC AdBot (Login to Remove)

 


#2 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:10:56 PM

Posted 30 July 2004 - 05:33 PM

I'm runnin' as fast as I can, jgweed...might have missed it with my auto-update disabled :thumbsup: thank you.
patiently patrolling, plenty of persisant pests n' problems ...

#3 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:02:56 AM

Posted 31 July 2004 - 06:54 AM

Thanks for sharing and here's more below :thumbsup:

MS04-025 Internet Explorer Critical Update (CRITICAL)
http://www.microsoft.com/technet/security/...n/MS04-025.mspx

Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Download size: 2.8 MB

Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB867801)
A security issue has been identified that could allow an attacker to compromise a computer running Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft.

Resolves these key vulnerabilities
Navigation Method Cross-Domain Vulnerability - CAN-2004-0549
Malformed BMP File Buffer Overrun Vulnerability - CAN-2004-0566
Malformed GIF File Double Free Vulnerability - CAN-2003-1048

This is available from the Windows Update site:
http://www.microsoft.com/windowsupdate

#4 jgweed

jgweed
  • Topic Starter

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:56 AM

Posted 31 July 2004 - 10:08 AM

Do what I do, Phawgg, and subscribe to security Emails from both Microsoft and from US-Cert. Both are free, and between the two, you will not miss anything critical; then you can simply go to the links provided and download/install the security patches.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#5 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:56 AM

Posted 31 July 2004 - 11:11 AM

I'll second John on that there, phawgg. It's not a good idea to rely on MS's Automatic Updates anyway. Except I don't Subscribe to CERT--ehm, no comment on US guvment in our lives. :thumbsup:

You can sign up for Microsoft Security Notification Service here:
http://www.microsoft.com/technet/security/...tin/notify.mspx

The thing about people

is they change

when they walk away.--Mipso


#6 jgweed

jgweed
  • Topic Starter

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:56 AM

Posted 31 July 2004 - 06:42 PM

Information on US-Cert's role and responsibilities in the area of cyber security:

http://www.us-cert.gov/aboutus.html


I do not use the automatic update function, but prefer to download each update individually. That way I can save it to disk and have it handy in case I have to reload the OS, before I install it. I also make this disk of patches available to freinds who are still on dial-up.

Cheers,
John

Edited by jgweed, 31 July 2004 - 06:44 PM.

Whereof one cannot speak, thereof one should be silent.

#7 Guest_brunt_*

Guest_brunt_*

  • Guests
  • OFFLINE
  •  

Posted 31 July 2004 - 08:15 PM

you can slipstream all of those hotfixes and critical updates onto one disc with your xp cd!Thats what I did so when I install my os I dont have to download 50 updates there all saved to cd with xp! See here

http://www.theeldergeek.com/slipstream_01.htm




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users