From alerts@us-cert.gov Wed Nov 10 17:19:19 2004
From: US-CERT Alerts
To: alerts@us-cert.gov
Date: Wed, 10 Nov 2004 15:41:47 -0500
Subject: US-CERT Cyber Security Alert SA04-315A -- Vulnerability in Microsoft Internet Explorer

Cyber Security Alert SA04-315A

Vulnerability in Microsoft Internet Explorer

   Original release date: November 10, 2004
   Last revised: --
   Source: US-CERT

Systems Affected

   * Internet Explorer versions 6.0 and later; previous versions of
     Internet Explorer may also be affected

Overview

   By taking advantage of a vulnerability in Internet Explorer, an
   attacker may be able to take control of your computer.

Solution

  Upgrade to Windows XP SP2

   Windows XP Service Pack 2 does not seem to be affected. If you are
   running Windows XP, you can install Service Pack 2 using Windows
   Update or Automatic Updates.

  Follow good security practices

   The following practices may offer additional protection against this
   vulnerability:

   * Disable Active scripting - Attackers may be able to take advantage
     of Active scripting to exploit this vulnerability. Instructions for
     disabling Active scripting are available in the Malicious Web
     Scripts FAQ.

   * Don't follow unsolicited links - By convincing you to follow a
     link, an attacker may be able to send you to a malicious site.
     Don't click on unsolicited URLs received in email, instant
     messages, web forums, or Internet relay chat (IRC) channels.

   * Read and send email in plain text format - Many email clients use
     the same programs as web browsers to display HTML, so
     vulnerabilities that affect active content like JavaScript and
     ActiveX often apply to email.

   * Maintain updated anti-virus software - It is important that you use
     anti-virus software and keep it up to date. Most anti-virus
     software vendors frequently release updated information, tools, or
     virus databases to help detect and recover from virus infections.
     Many anti-virus packages support automatic updates of virus
     definitions. US-CERT recommends using these automatic updates when
     possible.

Description

   There is a vulnerability in the way Internet Explorer processes
   certain HTML code. By exploiting the vulnerability, an attacker may
   be able to take control of your computer or cause a denial of
   service. For more technical information, see TA04-315A.

References

   * Browsing Safely: Understanding Active Content and Cookies -
   * Understanding Anti-Virus Software -
   * Understanding Denial-of-Service Attacks -
   * Security Improvements in Windows XP Service Pack 2 -
   * US-CERT Technical Cyber Security Alert TA04-315A -
   * Vulnerability Note VU#842160 -
_________________________________________________________________

   Feedback can be directed to US-CERT. Send mail to .
   Please include the Subject line "SA04-315A Feedback VU#842160".
_________________________________________________________________

   Copyright 2004 Carnegie Mellon University.

   Terms of use:
_________________________________________________________________

   This document is available from
_________________________________________________________________

Revision History

   November 10, 2004: Initial release