[virusinfo] US-CERT Cyber Security Alert SA05-165A -- Microsoft Windows and Internet Explorer Vulnerabilities
- From: "Mike" <mikebike@xxxxxxxxx>
- To: virusinfo@xxxxxxxxxxxxx
- Date: Tue, 14 Jun 2005 21:17:47 -0700
From; US-CERT Alerts:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Microsoft Windows and Internet Explorer Vulnerabilities
Original release date: June 14, 2005
Last revised: --
Source: US-CERT
Systems Affected
Microsoft Windows and various Microsoft products, including Internet
Explorer
Overview
By taking advantage of vulnerabilities in various Microsoft
products, an attacker may be able to stop affected programs or take
control of your computer. Microsoft has released updates to address
these issues.
Solution
Install Updates
Microsoft has released security updates for Windows and Internet
Explorer. To obtain the updates, visit the Windows Update web site.
US-CERT also recommends enabling Automatic Updates.
Description
There are problems with various Microsoft applications and
features:
* Help system - The HTML Help system is used by many Microsoft
Windows applications. An attacker may be able to create a
malicious help file that may allow him or her to gain control of
your computer.
* Image handling - Images can be saved in multiple formats,
including .jpg, .gif, and .png. An attacker may be able to create
a malicious image file that, if you view it, will allow him or her
to stop affected programs or take control of your computer.
* Networking - Microsoft Windows uses networking to allow your
computer to talk to printers and other computers. A vulnerability
in Windows networking may allow an attacker to take control of
your computer.
For more technical information, see US-CERT Technical Alert
TA05-165A.
References
* US-CERT Technical Cyber Security Alert TA05-165A -
<http://www.us-cert.gov/cas/techalerts/TA05-165A.html>
* Microsoft Security Bulletin Summary for June, 2005 -
<http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx>
_________________________________________________________________
Author: Mindi McDowell. Feedback can be directed to US-CERT.
_________________________________________________________________
Revision History
June 14, 2005: Initial release
_________________________________________________________________
This document is available from:
<http://www.us-cert.gov/cas/alerts/SA05-165A.html>
Produced 2005 by US-CERT, a government organization. Terms of use
<http://www.us-cert.gov/legal.html>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQq90xhhoSezw4YfQAQI3iQf9Fe842rAMCL5LdBqRxBMqbqCbWwvSsAJc
oalk3vNHE1LI/MsQ76NT2NzYLQ78SZ+J03U9MzFZd/s5aJg0Wi80WRDsxLu2APn/
KkepDeVFOP1Dt/V/j4nGnVc+9D7n4R/1v39AV6S0RW5d6qDLJrGoO2hkBcf63Ow2
uzr/nWPnfl0ZWs0xbOX66RoiYpu8ZuRLAnOvpKY2YiJ3a+aVaiP2jzu0E4GD1Qhs
zoyB9FJG0SwyjokyQEft3B7VFHwbetoV5gfu93rV9pa2kF27iCZ6tTm1X7SnTxjk
VS6q24Qo2+j67uADIRZU7Mo4Ut7SeDbJ/BgQ2nv2Lo/+QvXFw4rSEQ==
=8A8x
-----END PGP SIGNATURE-----
*********** MIKE"S REPLY SEPARATOR ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance and OWTA Charter Member
Other related posts:
- » [virusinfo] US-CERT Cyber Security Alert SA05-165A -- Microsoft Windows and Internet Explorer Vulnerabilities
