ITS Homepage Click here for text version of ITS homepage University at AlbanyUAlbany Site IndexUAlbany Search
alerts_tag
ITS Alerts
Microsoft Updates security information to address Internet Explorer Exploit



ALARM Group ALERT ¿ click for a description of ALARM, The Computing Alert System
Alert Number:  120105-01
Alert Date:  11/1/05
Alert Title:  Microsoft Updates security information to address Internet Explorer Exploit
Update-to:   112205-01 "Microsoft releases security advisory to address Internet Explorer Exploit"
OS/Platform/Application:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 (including Service Pack 1) on Microsoft Windows XP Service Packs 1 and 2
Internet Explorer 6 on Microsoft Windows XP Professional x64 Edition
Internet Explorer 6 on Microsoft Windows Server 2003 (including Service Pack 1)
Internet Explorer 6 on Microsoft Windows Server 2003 for Itanium-based Systems (including Service Pack 1)
Internet Explorer 6 on Microsoft Windows Server 2003 x64 Edition
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, and Millennium Edition
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Category:  UPDATE
Severity:  HIGH
Attention:  Windows System Administrators, Desktop Support Personnel, Users of above-listed version of MS Internet Explorer

Summary:  On November 29 2005 Microsoft updated its security advisory 911302 and also its Malicious Software Encyclopedia to provide additional information about a vulnerability that affects certain **fully-patched** windows systems that utilize the popular Internet Explorer web browser.  The new information acknowledges the existence of malicious software that exploits the vulnerability and offers an additional workaround option (as of this writing a patch has not net been released by the vendor).

Recommended Actions:  System Administrators and support personnel are encouraged to read the updated version of security advisory 911302 (link provided below) and also the Malicious Software Encyclopedia (link provided below) for more insight into the status of the vulnerability, details of infection/exploitation, and also the option of using Microsoft's Windows Live Safety Center as a method of system compromise detection/remediation.

ITS Actions:  ALARM will continue to release updates as new information/recommended actions become available.

Resources:
Microsoft Security Advisory 911302:
http://www.microsoft.com/technet/security/advisory/911302.mspx

Malicious Software Encyclopedia entry for TrojanDownloader:Win32/Delf.DH (relevant to advisory 911302):
http://www.microsoft.com/security/encyclopedia/details.aspx?name=TrojanDownloader:Win32/Delf.DH

 
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies