Does this mean that there are machines on campus that have been
compromised specifically by this new attack vector? If so, how is that
detected, and can other admins on campus use that detection mechanism on
the networks they oversee? Thanks in advance.
-Sean
Allison Henry wrote:
> A vulnerability has been discovered in Microsoft Internet Explorer,
> which can be exploited by malicious people to compromise a user's
> system. A computer running a vulnerable version of Internet Explorer
> (5.01 SP4 or any version 6) can be exploited when the user visits a
> malicious website containing the exploit code. Such websites are
> currently out on the Internet and SNS has seen computers on the UC
> Berkeley network that have been exploited. Currently there is no patch
> for this vulnerability.
>
> To avoid becoming compromised, SNS advises using extra caution when
> visiting websites. Avoid websites from untrusted parties and use extreme
> caution when following web links in email -- make sure you trust the URL
> and "cut-and-paste" rather than clicking on the link. For extra
> protection, you can set your Internet Explorer security zone settings to
> "High" or disable Active Scripting (read the Microsft advisory for more
> information on how to do this).
>
> Read the Microsoft Advisory for more information:
> http://www.microsoft.com/technet/security/advisory/917077.mspx
>
> Please pass this information along to campus users and others who may be
> affected by this vulnerability.
>
>
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Wed Mar 29 11:15:24 2006
This archive was generated by hypermail 2.1.8 : Wed Mar 29 2006 - 11:15:24 PST