--- US-CERT Alerts <alerts@xxxxxxxxxxx> wrote: > Date: Tue, 12 Apr 2005 21:19:54 -0400 > From: US-CERT Alerts <alerts@xxxxxxxxxxx> > To: alerts@xxxxxxxxxxx > Subject: US-CERT Cyber Security Alert SA05-102A -- Multiple > Vulnerabilities in Microsoft Windows Components > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Cyber Security Alert SA05-102A > > Multiple Vulnerabilities in Microsoft Windows Components > > > Original release date: April 12, 2005 > Last revised: -- > Source: US-CERT > > > Systems Affected > > * Microsoft Windows Systems > > For a complete list of affected versions of the Windows operating > systems and components, refer to the April 2005 Updates for Windows, > MSN Messenger, and Office. > > > Overview > > There are multiple vulnerabilities in Microsoft Windows, Internet > Explorer, MSN Messenger, and Word. > > > Description > > There are vulnerabilities in Microsoft Windows, Internet Explorer, > MSN Messenger, and Word that may allow an attacker to take control > of your computer or cause it to crash. To exploit some of these > vulnerabilities, an attacker may attempt to convince you to view a > malicious web page, image, or Word document. > > For more technical information, see US-CERT Technical Alert > TA05-102A. > > > Resolution > > Apply an update > > Obtain the appropriate updates from Windows Update or by using > Automatic Updates. > > Do not follow unsolicited links > > Do not click on unsolicited links received in email, instant > messages, web forums, or chat rooms. While this is generally a good > security practice, following this behavior will not prevent the > exploitation of these vulnerabilities in all cases. > > Maintain updated anti-virus software > > Anti-virus software with updated virus definitions may identify and > prevent some exploit attempts. Update your anti-virus software. > More information about viruses and anti-virus vendors is available > on the US-CERT Computer Virus Resources page. > > > References > > * Microsoft Security Bulletin Summary for April, 2005 - > > <http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx> > > * US-CERT Technical Cyber Security Alert TA05-102A - > <http://www.us-cert.gov/cas/techalerts/TA05-102A.html> > > * US-CERT Vulnerability Note VU#774338 - > <http://www.kb.cert.org/vuls/id/774338> > > * US-CERT Vulnerability Note VU#756122 - > <http://www.kb.cert.org/vuls/id/756122> > > * US-CERT Vulnerability Note VU#222050 - > <http://www.kb.cert.org/vuls/id/222050> > > * US-CERT Vulnerability Note VU#633446 - > <http://www.kb.cert.org/vuls/id/633466> > > * US-CERT Vulnerability Note VU#233754 - > <http://www.kb.cert.org/vuls/id/233754> > > * US-CERT Vulnerability Note VU#442567 - > <http://www.kb.cert.org/vuls/id/442567> > > * US-CERT Vulnerability Note VU#752591 - > <http://www.kb.cert.org/vuls/id/752591> > > _________________________________________________________________ > > Authors: Eric J. Hayes and Art Manion. Feedback can be directed to > US-CERT. Send mail to <cert@xxxxxxxx>. Please include the subject > line "SA05-102A Feedback VU#222050". > _________________________________________________________________ > > > Copyright 2005 Carnegie Mellon University. > > Terms of use: <http://www.us-cert.gov/legal.html> > > _________________________________________________________________ > > > This document is available from > > <http://www.us-cert.gov/cas/alerts/SA05-102A.html> > > _________________________________________________________________ > > > Revision History > > April 12, 2005: Initial release > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iQEVAwUBQlxzNxhoSezw4YfQAQIA2gf9GlzquXm7kq75VmjMVRjn8Vri5yiaSdZQ > qAv6NOLmgTXCh063pwIintChMq82rzuhnGYGwnaB/ELs1RzzrhENrOjdnSBdFk/Q > Q5ZSPRLvEwBCWBS72ODsw5vmab3b7OqCTJ/NLlvoGwDbmd2YgR2h1fwxfUNHXNau > eiahMtwCMIYnyJyTXxhCdCQXjD3LMCaFjkRWXOq9VaFMaex7FEnGLvwEToyV7aLp > QWmEZnY1vnsTR+kUiwR4VmRdxEizPD0uNB4DxtVGGztBuZnbVsIZ88iXhKd1uTHY > bykPk86/QQ+HsvjOfMeXELbOSDofa8sD+zcPO9I+qIXKosYPt4yPaw== > =xTDx > -----END PGP SIGNATURE----- > > > -- <Please delete this line and everything below.> To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/