Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Microsoft Corporation Information for VU#25249

Date Notified06/05/2000
Date Modified04/12/2004 03:33:02 PM
Status SummaryVulnerable

Vendor Statement

Microsoft recommends customers using Microsoft Internet Explorer version 4.0, 4.01, 5.0, or 5.01 apply the patch discussed in http://microsoft.com/technet/security/bulletin/ms00-037.asp and routinely use the Security Zones feature.

The Security Zones feature of Internet Explorer allows you to categorize the web sites you visit and specify what the sites in a particular category should be allowed to do. Since most people visit a small number of familiar, professionally-operated web sites, and it's unlikely that such a site would pose any risk, we recommend putting the sites that you visit frequently and trust into the Trusted Zone. All sites that you haven't otherwise categorized will reside in the Internet Zone. You can then configure the zones to give the appropriate privileges to the web sites in each of these zones.

In addition Microsoft recommends Outlook users install the Outlook Security Update http://www.officeupdate.com/2000/downloaddetails/Out2ksec.htm to protect against mail-borne attacks.

US-CERT Addendum

As described in the Vulnerability Note and in the CERT Advisory, there are several configurations which continue to be vulnerable to this problem.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information