Critical vulnerability in IE -- Exploited machines detected on campus

From: Allison Henry <akhenry_at_berkeley.edu>
Date: Mon Mar 27 2006 - 15:37:42 PST

A vulnerability has been discovered in Microsoft Internet Explorer,
which can be exploited by malicious people to compromise a user's
system. A computer running a vulnerable version of Internet Explorer
(5.01 SP4 or any version 6) can be exploited when the user visits a
malicious website containing the exploit code. Such websites are
currently out on the Internet and SNS has seen computers on the UC
Berkeley network that have been exploited. Currently there is no patch
for this vulnerability.

To avoid becoming compromised, SNS advises using extra caution when
visiting websites. Avoid websites from untrusted parties and use extreme
caution when following web links in email -- make sure you trust the URL
and "cut-and-paste" rather than clicking on the link. For extra
protection, you can set your Internet Explorer security zone settings to
"High" or disable Active Scripting (read the Microsoft advisory for more
information on how to do this).

Read the Microsoft Advisory for more information:
http://www.microsoft.com/technet/security/advisory/917077.mspx

Please pass this information along to campus users and others who may be
affected by this vulnerability.

-- 
Allison Henry
System and Network Security
University of California, Berkeley
http://security.berkeley.edu
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Mon Mar 27 15:41:20 2006