[80] in Security FYI
Exploit found in Internet Explorer, please apply the patch
daemon@ATHENA.MIT.EDU (Jonathan McIndoe Hunt)
Fri Apr 6 08:10:15 2001
Message-Id: <5.0.2.1.2.20010406075506.0355b858@hesiod>
Date: Fri, 06 Apr 2001 08:10:30 -0400
To: winpartners@mit.edu, itpartners@mit.edu, security-fyi@mit.edu
From: Jonathan McIndoe Hunt <jmhunt@MIT.EDU>
Mime-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello All,
A vulnerability that allows the execution of arbitrary code has been found
in Internet Explorer 5.5 SP1 and earlier versions (except IE 5.0 SP2). An
incorrect MIME header can cause IE to execute e-mail attachments. The
vulnerability does not appear to effect the Macintosh versions of IE.
More information on the vulnerability can be found at:
http://www.microsoft.com/technet/security/bulletin/MS01-020.asp
You should apply the patch for Internet Explorer even if you do not use it
as your browser because other applications such as Eudora can use IE as a
viewer for html formatted e-mail.
The patch is available from:
http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp
Jonathan
______________________________________
Jonathan M. Hunt
Windows Platform Coordinator and Co-Team Leader for Software Release Team
Network Security Team <net-security@mit.edu>
Information Systems
W92-191 x3-0172
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBOs2yNs/KqE8/LLXXEQIBzQCfS/U2kPfDnQvkKcCU+fVfBexRvfAAoIXz
jTyYzk4r4ScQq/7qZwaUTEf+
=AmoV
-----END PGP SIGNATURE-----
