|
-
February 3rd, 2004, 06:08 AM
#1
 IE 6, 5.5, 5.01 Cumulative Security Update
Microsoft Security Bulletin MS04-004
http://www.microsoft.com/technet/sec...asp?frame=true
Cumulative Security Update for Internet Explorer (832894)
Issued: February 2, 2004
Version: 1.0
Summary- Who should read this document: Customers who are using Microsoft® Internet Explorer
Impact of vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Systems administrators should apply the security update immediately.
Security Update Replacement: This update replaces the one that is provided in Microsoft Security Bulletin MS03-048, which is itself a cumulative update.
Caveats: None
Technical Details
This is a cumulative update that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following three newly-discovered vulnerabilities: - A vulnerability that involves the cross-domain security model of Internet Explorer. ...
- A vulnerability that involves performing a drag-and-drop operation with function pointers during dynamic HTML (DHTML) events in Internet Explorer. ...
- A vulnerability that involves the incorrect parsing of URLs that contain special characters. ... For example, an attacker could create a link that once clicked on by a user would display http://www.tailspintoys.com in the address bar, but actually contained content from another Web Site, such as http://www.wingtiptoys.com. ...
Tested Microsoft Windows and Office Components:
Affected Components:
More, much more ...
InternetNews.com: Microsoft Goes Off-Cycle for 'Critical' IE Patch
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
