Dr.Melzer 191 Geschrieben 19. August 2005 Melden Teilen Geschrieben 19. August 2005 Diese Meldung ist gestern Abend eingetroffen: This alert is to notify you of the release of Microsoft Security Advisory (906267) A COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit. Microsoft is investigating new public reports of a possible vulnerability in Internet Explorer. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time. Microsoft is aggressively investigating the public reports. The Microsoft DDS Library Shape Control (Msdds.dll) is a COM object that could, when called from a Web page displayed in Internet Explorer, cause Internet Explorer to unexpectedly exit. This condition could potentially allow remote code execution if a user visited a malicious Web site. This COM Object is not marked safe for scripting and is not intended for use in Internet explorer. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Microsoft is concerned that this new report of a vulnerability in Internet Explorer was not disclosed responsibly, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed. Microsoft encourages users to exercise caution when opening links in e-mail. For more information about Safe Browsing, visit the Trustworthy Computing Web site. We continue to encourage customers to follow our Protect Your PC guidance of enabling a firewall, applying software updates and installing antivirus software. Customers can learn more about these steps at the Protect Your PC Web site. Mitigating Factors: * The Microsoft DDS Library Shape Control (Msdds.dll) does not ship in Windows by default. * Customers who do not have Msdds.dll on their systems are not affected by this vulnerability. This Microsoft Security Advisory is located at this location: http://www.microsoft.com/technet/security/advisory/906267.mspx Microsoft Security Advisories are located at this location: http://www.microsoft.com/technet/security/advisory/default.mspx If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant. Thank you, Microsoft PSS Security Team Zitieren Link zu diesem Kommentar
Empfohlene Beiträge
Schreibe einen Kommentar
Du kannst jetzt antworten und Dich später registrieren. Falls Du bereits ein Mitglied bist, logge Dich jetzt ein.