[262] in Security FYI
[Security-fyi]
daemon@ATHENA.MIT.EDU (Tim McGovern)
Fri Dec 3 09:31:22 2004
Mime-Version: 1.0 (Apple Message framework v619)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Message-Id: <3834ABA4-44A9-11D9-B88B-000A95ABC792@mit.edu>
Content-Transfer-Encoding: 7bit
From: Tim McGovern <tjm@mit.edu>
Date: Thu, 2 Dec 2004 16:29:16 -0500
To: I/T Security FYI List <security-fyi@mit.edu>
cc: itss@mit.edu
Errors-To: security-fyi-bounces@mit.edu
Colleagues,
IS&T's I/T Security Support is notifying the community of a security
problem affecting the users of Microsoft Windows computers.
On December 1, 2004, Microsoft announced a fix for a major problem in
one or more Windows operating systems supported by MIT. The specific
vulnerability is contained within the Internet Explorer portion of the
Windows operating system. This problem is identified as Microsoft
Bulletin MS04-040
(http://www.microsoft.com/technet/security/bulletin/MS04-040.mspx).
This problem gives someone the ability to break into, and use, your
computer for their own purposes. If that happens your personal,
sensitive or other data may be revealed or destroyed. It may also
result in your computer being used to break into other computers here
at MIT or elsewhere.
We suggest that the fix be applied to all of your affected Microsoft
Windows systems immediately unless your local system administrator --
the person who maintains your computer's software -- has instructed you
to do otherwise. Please take the steps recommended below according to
the version of Windows you are running.
Microsoft Windows XP Service Pack 2 Take no action ---
vulnerability does not exist
Microsoft Windows XP Service Pack 1 Either upgrade to Windows XP
Service Pack 2
Or apply update provided by
Microsoft
Microsoft Windows 2000 (all levels) Either upgrade to Windows XP
Service Pack 2
Or apply update provided by
Microsoft
Other unsupported versions of Refer to the Microsoft Bulletin
referenced above.
Microsoft Windows
The very best first line of defense against vulnerabilities is to take
Microsoft patches automatically whenever feasible. We want to thank
everyone who already uses Microsoft's Automatic Update service
(http://windowsupdate.microsoft.com/) or MIT's local Windows Update
Service (http://waus.mit.edu/), and if you already use one of these
services, the patch has likely already been installed on your machine.
For further assistance, please contact IS&T I/T Security Support at
<security@mit.edu>, or the IS&T Computing Help Desk at x3-1101 or
<computing-help@mit.edu>.
Tim McGovern
Manager, I/T Security Support
Client Support Services
Information Services & Technology
Massachusetts Institute of Technology
77 Massachusetts Ave. Room N42-040k
Cambridge MA 02139-4307
(617) 253-0505
_______________________________________________
Security-fyi mailing list
Security-fyi@mit.edu
http://mailman.mit.edu/mailman/listinfo/security-fyi
