Results 1 to 6 of 6

Thread: Cumulative Patch for Internet Explorer (828750)

  1. #1
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,044

    Exclamation Cumulative Patch for Internet Explorer (828750)

    MS03-040 : Cumulative Patch for Internet Explorer (828750)

    This is a cumulative patch that includes the functionality of all previously released patches for Internet Explorer 5.01, 5.5 and 6.0. In addition, it eliminates the following newly discovered vulnerabilities:

    A vulnerability that occurs because Internet Explorer does not properly determine an object type returned from a Web server in a popup window. It could be possible for an attacker who exploited this vulnerability to run arbitrary code on a user's system. If a user visited an attacker's Web site, it could be possible for the attacker to exploit this vulnerability without any other user action. An attacker could also craft an HTML–based e-mail that would attempt to exploit this vulnerability.

    A vulnerability that occurs because Internet Explorer does not properly determine an object type returned from a Web server during XML data binding. It could be possible for an attacker who exploited this vulnerability to run arbitrary code on a user's system. If a user visited an attacker's Web site, it could be possible for the attacker to exploit this vulnerability without any other user action. An attacker could also craft an HTML–based e-mail that would attempt to exploit this vulnerability.

    In addition, a change has been made to the method by which Internet Explorer handles Dynamic HTML (DHTML) Behaviors in the Internet Explorer Restricted Zone. It could be possible for an attacker exploiting a separate vulnerability (such as one of the two vulnerabilities discussed above) to cause Internet Explorer to run script code in the security context of the Internet Zone. In addition, an attacker could use Windows Media Player’s (WMP) ability to open URLs to construct an attack. An attacker could also craft an HTML-based e-mail that could attempt to exploit this behavior.

    To exploit these flaws, the attacker would have to create a specially formed HTML–based e-mail and send it to the user. Alternatively an attacker would have to host a malicious Web site that contained a Web page designed to exploit these vulnerabilities.

    Download: All versions except Microsoft Internet Explorer 6.0 for Windows Server 2003

    Download: Microsoft Internet Explorer 6.0 for Windows Server 2003

    View: Microsoft Security Bulletin MS03-040

    View: Microsoft Knowledge Base Article - 828750

    =========== Please Read The Forum Rules ===========

  2. #2
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    There were two updates that came today via autoupdate.. This one and another..

    But I forgot the other's name.

  3. #3
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,044
    Originally posted by Big Booger
    There were two updates that came today via autoupdate.. This one and another..

    But I forgot the other's name.
    Was it this one Windows Media Player Script Command Patch

    =========== Please Read The Forum Rules ===========

  4. #4
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,329
    I only had one patch that downloaded. It was titled Cumulative Patch for KB828750 Service Pack 1.
    Linux Mint Debian Edition

  5. #5
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    i just updated both patches from MS Update, no probs

    I wonder, with M$ annoucnements, what their plans are for the the security patch program... are they going to make the OS phone home all the time for updates and control ??

    --- 0wN3D by 3gG ---

  6. #6
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    Originally posted by Reverend
    Was it this one Windows Media Player Script Command Patch
    Rev,
    YOu must have installed some kind of keylogger on my comp.. hehehe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •