Skip Navigation


 UCLA Directory Map Calendar  
UCLA ASTF Applied Security Task Force Contact: safecomputing@ucla.edu
SECURITY at UCLA
ASTF MEMBERS
POLICIES
ALERTS
BULLETINS
FAQ
PROJECTS
SECURITY TOOLS
UC SECURITY
 
 
  Advisories IE Vulnerability (3-24-2006)


IE Vulnerability

A critical IE vulnerability with DHTML has been exposed. If exploited this could allow remote execution of code. A user would have to visit or be redirected to a specially crafted page for this exploit.

Microsoft is working on a fix, but currently the only option is to disable Active X to mitigate risk of exploitation.

For more information, please see:

Secunia Advisory #18680
CERT Vulnerability Note #876678

Microsoft will update info here as it becomes available:

http://www.microsoft.com/technet/security/advisory/default.mspx

Instructions to Disable Active X (warning will break many sites if you don't add them to "Trusted Sites"):

http://www.us-cert.gov/reading_room/securing_browser/#Internet_Explorer

Our recommendation is that users practice safe browsing and visit sites they know and trust.

This advisory is brought to you by UCLA's Applied Security Task Force.

 


safecomputing@ucla.edu