1. Technology

Your suggestion is on its way!

An email with a link to:

http://antivirus.about.com/library/weekly/aa082702a.htm

was emailed to:

Thanks for sharing About.com with others!

Microsoft Warns of Severe Vulnerabilities
Dangerous exploits affecting browser and operating systems
 Related Resources
• Virus Encyclopedia
• Glossary of terms
 
 Elsewhere on the Web
• Security Bulletin MS02-045
• Security Bulletin MS02-045
• WindowsUpdate.com
 

Microsoft has issued a cumulative patch to shore up weaknesses in Internet Explorer that, at their worst, could allow arbitrary code to be executed on the system. Internet Explorer versions 5.01, 5.5, and 6.0 are affected. Microsoft has identified the cumulative patch release as a critical update. The patch includes fixes for six newly identified critical vulnerabilites as well as a cumulative update of all previous patches released for the pertinent versions of Internet Explorer.

The most serious exploit of the vulnerabilities could allow a malicious person full control of a users' system via specially crafted HTML email or web page. Because the exploit is carried out using HTML only, having the email client configured to use the Restricted Zones setting is not adequate to prevent exploit. Microsoft cautions that the attackers would be granted the same rights as the user, effectively giving the ability to add, change, and delete files, change settings on the system, or take any other action the user themselves might be capable of taking. Comprehensive details on the patch and the exploits covered are available in the Microsoft Knowledge Base article Q323759 and discussed in the Microsoft Security Bulletin MS02-047.

A second cumulative patch has also been released for systems running Microsoft Windows NT, Windows 2000 or Windows XP. The vulnerability covered in this patch allows an attacker to launch a denial of service attack on the target system, crashing the machine and possibly allowing execution of arbitrary code. A proof of concept tool, using a graphical interface to target and crash the system of choice, has already been released via the Internet. Microsoft Security Bulletin MS02-045 provides complete details.

The Windows Update site will automatically scan your system and provide a list of critical, product, and driver updates required or recommended for the specific system.

Subscribe to the Newsletter
Name
Email

You can opt-out at any time. Please refer to our privacy policy for contact information.

©2014 About.com. All rights reserved.