Microsoft Security Advisory 923762 Released

[Dr.Melzer]

Folgendes Advisory, ist gestern bei uns eingetroffen:

*****************************************

What is this alert?

This alert is to notify you that Microsoft has released Security Advisory 923762 - Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit - on 22 August 2006.

========================================

Summary:

========================================

On August 15th, 2006, Microsoft announced that it would be re-releasing MS06-042 Tuesday, August 22, 2006 to address an issue affecting Internet Explorer 6 Service Pack 1 customers discussed in Knowledge Base article 923762.

Due to an issue discovered in final testing, Microsoft will not be re-releasing MS06-042 today. This update will be re-released for Internet Explorer 6 Service Pack 1 when it meets an appropriate level of quality for broad distribution.

Microsoft is also aware of public reports that this issue can lead to a buffer overrun condition for Internet Explorer 6 Service Pack 1 customers that have applied MS06-042. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time. Microsoft is aggressively investigating the public reports.

Only customers using Internet Explorer 6.0 SP1 are affected, all other customers should continue their deployments of MS06-042. Customers using Internet Explorer 6.0 SP 1 should continue their deployment of MS06-042 and follow the existing guidance provided in Knowledge Base article 923762 and the Suggested Actions section of this Security Advisory.

========================================

Recommendations:

========================================

Review Security Advisory 923762 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ) and links to additional resources.

Customers who believe they have been attacked should contact their local FBI office or report their situation to www.ic3.gov. Customers outside the U.S. should contact the national law enforcement agency in their country.

Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: Security Help and Support for Home Users.

[Dr.Melzer]

========================================

Additional Resources:

========================================

• Microsoft Security Advisory 923762 – Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit
Microsoft Security Advisory (923762): Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit



• Microsoft Security Bulletin MS06-042 - Cumulative Security Update for Internet Explorer (918899)

http://www.microsoft.com/technet/sec.../ms06-042.mspx

German Bulletin: http://www.microsoft.com/germany/tec.../ms06-042.mspx

• Microsoft Knowledgebase Article 918899 - MS06-042: Cumulative security update for Internet Explorer

MS06-042: Cumulative security update for Internet Explorer

German KB: MS06-042: Cumulative security update for Internet Explorer


• Microsoft Knowledgebase Article 923762 - Internet Explorer 6 Service Pack 1 unexpectedly exits after you install the 918899 update

Internet Explorer 6 Service Pack 1 unexpectedly exits after you install the 918899 update

German KB: Nachdem Sie das Update 918899 installiert haben, wird Internet Explorer 6 Service Pack 1 unerwartet beendet

• MSRC Blog:

Welcome to the Microsoft Security Response Center Blog!

Note: check the MSRC Blog periodically as new information may appear there.

========================================

Regarding Information Consistency:

========================================

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Security Advisories posted to the web are occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in the web-based Security Advisory, the information in the web-based Security Advisory is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,

Microsoft PSS Security Team

[zahni]

Hier noch eine Entschuldigung:

IEBlog : Update coming for IE 6.0 SP1 security vulnerability

-Zahni