ITS Homepage Click here for text version of ITS homepage
Contact UAlbany Directories Calendars & Schedules Visitors Site Index Search
Admissions Academics Research IT Services Libraries Athletics
alerts_tag
ITS Alerts
Microsoft releases advisory for UNPATCHED Internet Explorer Vulnerability



ALARM Group ALERT - click for a description of ALARM, The Computing Alert System
Alert Number:  032406-01
Alert Date:  03/24/06
Alert Title:  Microsoft releases advisory for UNPATCHED Internet Explorer Vulnerability
Update-to:   None
OS/Platform/Application: 
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP (Service Packs 1 and 2)
Microsoft Internet Explorer 6 on Microsoft Windows Server 2003, Server 2003 for Itanium-based systems, and x64 Edition (including Service Pack 1)
Microsoft Internet Explorer 6 on Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, on Microsoft Windows 98 SE, and ME
Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Category:  ALERT
Severity:  HIGH
Attention:  System Administrators, Desktop Support Personnel

Summary:   On March 23 2006 Microsoft released security advisory 917077.  This advisory contains details of a vulnerability in Internet Explorer that could allow for the execution of arbitrary code on a vulnerable system if the end-user was persuaded to open a malicious website (via a link in an email, instant message, etc).  At the time of this writing (9:30 EST 3/24/06) the vendor states "We have seen examples of proof of concept code but we are not aware of attacks that try to currently no patch available from Microsoft to address this vulnerability but the security advisory does offer workarounds that include prompting/disabling active
scripting or changing the browser security level to its highest setting.

Recommended Actions:  As a precautionary measure, administrators of systems that use the above-listed versions of Internet Explorer are encouraged to read the security bulletin (link provided below) and consider the implementation of the workarounds.  Other potential courses of action include reminding all users not to visit/click on links to unknown/untrusted web sites and/or to use alternative web browser software.

ITS Actions: At this time ITS is taking no additional actions to address this vulnerability.  An update will be issued if any new actions are taken.

Resources:

Microsoft Security Advisory 917077:
http://www.microsoft.com/technet/security/advisory/917077.mspx
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies