All,
Today, Microsoft released security bulletin MS08-078, Security Update for Internet Explorer (960714), to address a vulnerability in all currently supported versions of Internet Explorer.
This security bulletin has been approved and is available from the campus WSUS service.
Thanks,
Mike Blasingame
Enterprise Windows Team
-----Original Message-----
From: ucb-security-bounces_at_lists.berkeley.edu [mailto:ucb-security-bounces_at_lists.berkeley.edu] On Behalf Of John Ives
Sent: Tuesday, December 16, 2008 2:03 PM
To: ucb-security_at_lists.berkeley.edu
Subject: [Security] Internet Explorer 0-Day
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Everyone,
Over the past several days, there have been a number of reports
discussing a new Internet Explorer (IE) exploit that is being used to
compromise Windows systems. So far the only version of IE that
Microsoft has confirmed to be vulnerable is IE 7, however Microsoft has
stated the IE 5, IE6 and IE 8 (beta) may also be vulnerable. At this
time the only preventative option available is to use a browser like
Firefox, Opera or Safari instead of Internet Explorer. This is
particularly true if you are going to untrusted sites.
Microsoft has announced that it will release an out of cycle patch for
this bug tomorrow. System and Network Security strongly encourages
everyone who uses IE to be sure to apply this patch as soon as it
becomes available.
Yours,
John Ives
System and Network Security
- --
- -------------------------------------------------------------------------
John Ives Phone (510) 642-7773 System & Network Security Cell (510)
229-8676 University of California, Berkeley
- -------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
iQEcBAEBAgAGBQJJSCV2AAoJEJkidK6qbywshaoH/2a+x37LgfR8RZOYFUFtQNnh
L5TVawIGKK9cyKk+ubWJUTEVYlmZre9lN265t76SE9+w3afqCeD++kULEUslC76x
z3V/cGKh4jp28FA5SlEghGykdPZKWfbugNDMHBp1IhgXXtR1LLreaNN8vtJayash
nlnIZQA5Dx4GIpN2wQcaKbwdEvUbpXit3383vBADQmxMoe6dGkRbf+YQrwOTzhpz
GX/bDSQzluryl0kEBfhSayj3++PZzlCmCwc9qCiecoLRm8oEqhoxdi3J6fgPZgN2
NnJKvX+ytkKqkSxoQIvUBSiADjj81C1aOeD8VAvMGZTpj5O4yEr1wXZ4ryMdY9k=
=g7jt
-----END PGP SIGNATURE-----
--------------------------------------
Sent via the ucb-security mailing list.
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:
To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Received on Wed Dec 17 2008 - 13:20:53 PST
This archive was generated by hypermail 2.2.0 : Wed Dec 17 2008 - 13:20:54 PST