US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities

22/01/10, US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities
From: US-CERT Technical Alerts <technical-alerts@us-cert.gov>

Generated by MHonArc

CSIM Logo WelcomeCourses
Faculty, Student, Staff
Projects and reports
Conferences, workshop and seminars
Laboratories and reasearch facilities
Information related to CSIM
Information non-related to CSIM
Address, map, phone, etc.
Search

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


To: technical-alerts@us-cert.gov
Subject: US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities
From: US-CERT Technical Alerts <technical-alerts@us-cert.gov>
Date: Thu, 21 Jan 2010 15:54:30 -0500
Delivered-to: on@cs.ait.ac.th
List-archive: <http://www.us-cert.gov/cas/techalerts>
List-help: <http://www.us-cert.gov/cas/#tech>, <mailto:Majordomo@us-cert.gov?body=help>
List-id: US-CERT Technical Alerts <technical-alerts.us-cert.gov>
List-post: NO (posting not allowed on this list)
List-subscribe: <mailto:Majordomo@us-cert.gov?body=subscribe%20technical-alerts>
List-unsubscribe: <mailto:Majordomo@us-cert.gov?body=unsubscribe%20technical-alerts>
Mail-from: From technical-alerts@us-cert.gov Fri Jan 22 07:28:00 2010
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA10-021A


Microsoft Internet Explorer Vulnerabilities

   Original release date: 
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Internet Explorer


Overview

   Microsoft has released out-of-band updates to address critical
   vulnerabilities in Internet Explorer.


I. Description

   Microsoft has released updates for multiple vulnerabilities in
   Internet Explorer, including the vulnerability detailed in
   Microsoft Security Advisory 979352 and US-CERT Vulnerability Note
   VU#49251.


II. Impact

   By convincing a user to view a specially crafted HTML document or
   Microsoft Office document, an attacker may be able to execute
   arbitrary code with the privileges of the user.


III. Solution

   Apply updates
   
   Microsoft has released updates to address these vulnerabilities.
   Please see Microsoft Security Bulletin MS10-002 for more
   information.
   
   Apply workarounds
   
   Microsoft has provided workarounds for some of the vulnerabilities
   in MS10-002.


IV. References

 * Microsoft Security Bulletin MS10-002 -
   <http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx>

 * Microsoft Security Advisory 979352 -
   <http://www.microsoft.com/technet/security/advisory/979352.mspx>

 * US-CERT Vulnerability Note VU#49251 -
   <http://www.kb.cert.org/vuls/id/492515>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA10-021A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA10-021A Feedback VU#49251" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2010 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  January 21, 2010: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS1i9/C/E9ke+6HGsAQJdMQgA0HJlKy01j6rUpcpU9VHnGgPv56akxzac
YQIWL0n3ggsc6EKcDM6Nnes6+VXFuZyNuzw16S2sTSh13PLjRiAdEtM3a5k/TDrX
LdUEzipjYnXm0jn7EwGpoxNOHFI1fIaQhnQuWhM9S3Ri4lClROl0NZSAJnjIy7sU
UiTuIkN2x/nTmYwgVXX4bczRFStgcqkcv16BHIChXqHO/zOGK0ACO/b8oG0zIHPg
rEsvPy86M7v5LCNGGf6+H3bkcwjoWEOcPuXhpQkJT7BDWsz8F+kUCvCdMbbmTFzZ
d0cdSCKyS7Wo9iBGBmD8R84GIALwnTyRdr9QtiFlA4UWOScV/7JFQQ==
=L4w6
-----END PGP SIGNATURE-----


Previous message sorted by date: US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities
Next message sorted by date: US-CERT Technical Cyber Security Alert TA10-040A -- Microsoft Updates for Multiple Vulnerabilities
Previous message sorted by thread: US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities
Next message by thread: US-CERT Technical Cyber Security Alert TA10-040A -- Microsoft Updates for Multiple Vulnerabilities
Main Index
Thread Index

CSIM home pageWMailAccount managementCSIM LibraryNetwork test toolsSearch CSIM directories
Contact us: Olivier Nicole CSIM    SET    AIT Last update: Feb 2010