|
Microsoft Windows and Internet Explorer Vulnerabilities
Original release date: June 14, 2005
Last revised: --
Source: US-CERT
Systems Affected
Microsoft Windows and various Microsoft products, including
Internet Explorer
Overview
By taking advantage of vulnerabilities in various Microsoft products,
an attacker may be able to stop affected programs or take control of your
computer. Microsoft has released updates to address these issues.
Solution
Install Updates
Microsoft has released security
updates for Windows and Internet Explorer. To obtain the updates,
visit the Windows
Update web site. US-CERT also recommends enabling Automatic
Updates.
Description
There are problems with various Microsoft applications and features:
- Help system - The HTML Help system is used by many Microsoft
Windows applications. An attacker may be able to create a malicious
help file that may allow him or her to gain control of your computer.
- Image handling - Images can be saved in multiple formats,
including .jpg, .gif, and .png. An attacker may be able to create a
malicious image file that, if you view it, will allow him or her to
stop affected programs or take control of your computer.
- Networking - Microsoft Windows uses networking to allow your
computer to talk to printers and other computers. A vulnerability
in Windows networking may allow an attacker to take control of your
computer.
For more technical information, see US-CERT
Technical Alert TA05-165A.
References
Author: Mindi McDowell. Feedback can be directed to
US-CERT.
Produced 2005 by US-CERT, a government organization. Terms of use
Revision History
June 14, 2005: Initial release
|
|
|
Last updated
February 11, 2008
|
|