|
ALARM Group ALERT - click for a description of ALARM, The Computing Alert System
Alert Number: 092206-01
Alert Date: 9/22/06
Alert Title: SANS increases infocon level for *UNPATCHED* VML vulnerability in Internet Explorer
Update-to: 091906-01 "*UNPATCHED* VML vulnerability in Internet Explorer"
OS/Platform/Application: Microsoft Internet Explorer version 5 and later
Category: ALERT
Severity: HIGH
Attention: System Administrators, Desktop Support Personnel, IE users, Microsoft Outlook users
|
Summary: On September 22 2006 the SANS institute updated its infocon level from green to yellow in response to indications of increasingly widespread exploitation of an (at the time of this writing) unpatched vulnerability in Microsoft Internet Explorer/Microsoft Outlook.
Recommended Actions: Persons who manage, maintain or use Windows systems that run IE 5.0 and later and/or Microsoft Outlook are encouraged to read The updated SANS Diary entry to obtain a better understanding of the vulnerability and possible options that may be taken to minimize the risk of exploit on their systems (in both University and home environments).
ITS Actions: At this time, ITS is taking no specific additional actions to address this software vulnerability. An update will be issued if the situation changes.
Resources:
SANS Diary Article:
http://isc.sans.org/diary.php?storyid=1727
