Multiple Vulnerabilities in Microsoft Windows

Systems Affected

Systems running Microsoft Windows

Overview

Microsoft Windows contains multiple vulnerabilities, the most serious of which could allow attackers to take control of your computer.

Description

Microsoft's updated Home User Security Bulletin for February 2004 describes more vulnerabilities in the Microsoft Windows operating system. Microsoft is tracking these issues as Security Update 828028.

It is unclear at this time how many different ways your computer can be compromised using these vulnerabilities, so we recommend you apply the updates below as soon as possible. A technical description of these vulnerabilities is available from US-CERT in TA04-041A and from Microsoft in MS04-007.

Resolution

Apply a patch

Microsoft has released a home user bulletin describing how to determine what patches you will need and how to get them. Follow the procedures outlined in Microsoft's updated Home User Security Bulletin for February 2004.

For additional information, and to receive updates on this alert, go to http://www.us-cert.gov/cas/alerts/SA04-041A.html

References

• US-CERT Technical Alert TA04-041A - <http://www.us-cert.gov/cas/techalerts/TA04-041A.html>
• Microsoft's Updated Home User Security Bulletin for February 2004 - <http://www.microsoft.com/security/security_bulletins/20040210_windows.asp>
• Microsoft Security Bulletin MS04-007 - <http://www.microsoft.com/technet/security/bulletin/MS04-007.asp>
• Microsoft Knowledge Base Article 828028: An ASN.1 vulnerability could allow code execution - <http://support.microsoft.com/?kbid=828028>

This document is available from <http://www.us-cert.gov/cas/alerts/SA04-041A.html>

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

February 10, 2004: Initial release