Information Technology Services: Alerts Archive

ALARM Group ALERT
Alert Number:  120204-01
Alert Date:  12/02/04
Alert Title:  MS Releases Security Bulletin to fix IE vulnerability
Update-to:  None
OS/Platform/Application:  Microsoft Internet Explorer (6.1) on Microsoft Windows NT Server 4.0 Terminal Server Edition (Service Pack 6), Microsoft Windows 2000 (Service Packs 3 and 4), Microsoft Windows XP (Service Pack 1, running either IE 6.1 or 6), Microsoft Windows 98 SE/ME
Category:  ALERT
Severity:  HIGH
Attention:  Windows System Administrators, Desktop Support Personnel

Summary:  Microsoft has released security bulletin MS04-040 to address a vulnerability in Internet Explorer that can allow a remote attacker to take complete control of a vulnerable system. A vulnerable system can be exploited without the user's knowledge when the user visits a web site that contains specially crafted malicious code. Information about this exploit has been available on the Internet for several weeks, and at least one worm (Bofra) has been shown to take advantage of this vulnerability. The release date for MS04-040 was December 1st.

Recommended Actions:  It is recommended that you read the security bulletin and (if appropriate) apply the update immediately. Be advised that Microsoft has issued a set of caveats associated with this update; users should read all pertinent documentation to minimize the risk of unfavorable results following the installation of this update. Users should also update their systems' AntiVirus signature files immediately to ensure that definitions for Bofra are applied to scanning processes.

ITS Actions:  At this time, ITS is taking no specific additional actions to counter this threat. An update will be issued if this situation changes.

Resources:
Bulletin Page:
http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx

Caveats Page:
http://support.microsoft.com/kb/889293

Symantec Info for Bofra worm:
http://www.symantec.com/avcenter/venc/data/w32.bofra.e@mm.html

US-CERT advisory for IE vulnerability (provides a good overview):
http://www.kb.cert.org/vuls/id/842160

NOTE:  PLEASE DO NOT REPLY TO THIS ALERT.  Alerts distributed by ALARM are not intended to supplant whatever security measures you are currently following. Technology coordinators, as well as the entire UAlbany computing community, should continue to take all necessary precautions against threats to system security and information integrity.
