# Update Your Internet Explorer



## jgvernonco (Sep 13, 2003)

Cyber Security Alert SA04-184A

Important Internet Explorer Update Available

Original release date: July 2, 2004
Last revised: --
Source: US-CERT


Systems Affected

Systems running Internet Explorer and Microsoft Windows


Overview

Microsoft has released an important security update for Internet
Explorer (IE). This update greatly reduces the impact of attacks
against several vulnerabilities in IE.


Description

Several vulnerabilities in IE could allow a malicious web site or
HTML email message to install software on your computer. This
software could be used to steal sensitive financial information or
perform other actions. Recent incident activity has been referred to
as Download.Ject, JS.Scob.Trojan, Scob, and JS.Toofeer.

Microsoft has released a security update for IE that provides
increased protection against this type of attack. Note that this
update may not prevent attacks in all cases.


Resolution

Install Critical Update

US-CERT recommends that users install the update from the Microsoft
Download Center (KB870669) or the Windows Update web site.

Increase IE Security Settings

In addition, US-CERT strongly recommends that users modify IE
security settings according to the instructions in the Malicious
Web Scripts FAQ.

Further information is available from Microsoft in What You Should
Know About Download.Ject.


References

* US-CERT Technical Alert TA04-184A -
<http://www.us-cert.gov/cas/techalerts/TA04-184A.html>

* US-CERT Technical Alert TA04-163A -
<http://www.us-cert.gov/cas/techalerts/TA04-163A.html>

* US-CERT Vulnerability Note VU#713878 -
<http://www.kb.cert.org/vuls/id/713878>

* Malicious Web Scripts FAQ -
<http://www.cert.org/tech_tips/malicious_code_FAQ.html>

* What You Should Know About Download.Ject -
<http://www.microsoft.com/security/incident/download_ject.mspx>

* Increase Your Browsing and E-Mail Safety -
<http://www.microsoft.com/security/incident/settings.mspx>

* Working with Internet Explorer 6 Security Settings -
<http://www.microsoft.com/windows/ie/using/howto/security/settings
.mspx>

_________________________________________________________________


Author: Art Manion

Please send feedback to <mailto:[email protected]>.

Please include the Subject field "SA04-184A Feedback VU#713878".

_________________________________________________________________


Copyright 2004 Carnegie Mellon University.

Terms of use: <http://www.us-cert.gov/legal.html>

_________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/alerts/SA04-184A.html>


----------

