Multiple Vulnerabilities in Microsoft Windows Components and Outlook Express

• Microsoft Windows Systems

Microsoft has released a Security Bulletin Summary for July, 2004. There are several security bulletins released in this summary.

 

I. Description

Microsoft’s Security Bulletin Summary for July, 2004 includes summaries of several bulletins that address vulnerabilities in various Windows applications and components. For more technical information, see US-CERT Technical Alert TA04-196A.

II. Impact

An attacker may be able to control your computer if these vulnerabilities are exploited.

III. Solution

Apply a patch

Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.

Do not follow unsolicited links

Do not click on unsolicited links received in email, instant messages, web forums, or chat rooms. While this is generally a good security practice, following this behavior will not prevent the exploitation of these vulnerabilities in all cases.

Maintain updated anti-virus software

Anti-virus software with updated virus definitions may identify and prevent some exploit attempts. Update your anti-virus software. More information about viruses and anti-virus vendors is available on the US-CERT Computer Virus Resources page.

Appendix A. Vendor Information

Specific information about the Security bulletins are available in the Security Bulletin Summary for July, 2004 and the US-CERT Vulnerability Notes for these issues. 
 

Appendix B. References

• Microsoft’s Security Bulletin Summary for July, 2004 – <http://www.microsoft.com/security/bulletins/200407_windows.mspx>
• US-CERT Technical Cyber Security Alert TA04-196A – <http://www.us-cert.gov/cas/techalerts/TA04-196A.html>
• US-CERT Vulnerability Note VU#106324 – <http://www.kb.cert.org/vuls/id/106324>
• US-CERT Vulnerability Note VU#187196 – <http://www.kb.cert.org/vuls/id/187196>
• US-CERT Vulnerability Note VU#920060 – <http://www.kb.cert.org/vuls/id/920060>
• US-CERT Vulnerability Note VU#228028 – <http://www.kb.cert.org/vuls/id/228028>
• US-CERT Vulnerability Note VU#717748 – <http://www.kb.cert.org/vuls/id/717748>
• US-CERT Vulnerability Note VU#647436 – <http://www.kb.cert.org/vuls/id/647436>
• US-CERT Vulnerability Note VU#868580 – <http://www.kb.cert.org/vuls/id/868580>
• US-CERT Vulnerability Note VU#869640 – <http://www.kb.cert.org/vuls/id/869640>
• Increase Your Browsing and E-Mail Safety – <http://www.microsoft.com/security/incident/settings.mspx>
• Working with Internet Explorer 6 Security Settings – <http://www.microsoft.com/windows/ie/using/howto/security/settings.mspx>

 

This alert was created by Jason A. Rafail. Feedback can be directed to the Vulnerability Note authors: Jason A. Rafail, Jeffrey P. Lanza, Chad R. Dougherty, Damon G. Morda, and Art Manion.

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

• July 14, 2004: Initial release
  

Last updated 

Source link