[Faccus] Alert - Microsoft Security Advisory 2847140 Revised (Automated Workaround Released)

IST Windows Administration System_Account ntmaint at uwaterloo.ca
Mon May 13 11:08:32 EDT 2013


This alert is intended for anyone who is still running IE8. IE8 users/administrators are encouraged to manually apply the Fix It Workaround. There is no patch yet from MS to remedy this vulnerability, just this manual workaround.

Tim Farrell
Information Systems and Technology, MC-1036, University of Waterloo.
Waterloo, Ontario, Canada N2L 3G1 * 519-888-4567 X35189


Subject: Alert - Microsoft Security Advisory 2847140 Revised (Automated Workaround Released)

What is the purpose of this alert?
This alert is to notify you that Microsoft has revised Security Advisory 2847140 - Vulnerability in Internet Explorer Could Allow Remote Code Execution - on May 08, 2013.

Summary

Previously, on May 3, 2013, Microsoft released Security Advisory 2847140<http://technet.microsoft.com/security/advisory/2847140> - Vulnerability in Internet Explorer Could Allow Remote Code Execution - to confirm that Microsoft is investigating reports of a vulnerability in Internet Explorer 8.

Today (May 8, 2013), Microsoft updated Security Advisory 2847140 to include an easy, one-click Fix it tool to address the known attack vectors. The Fix it workaround is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code. The Fix it workaround should not affect your ability to browse the Web, and applying the Fix it workaround does not require a reboot.

The Fix it workaround is an effort to help protect as many customers as possible, as quickly as possible. We continue to work on a security update to address this issue and we're closely monitoring the threat landscape.

Internet Explorer 6, 7, 9 and 10 are not affected by this vulnerability.

Recommendations

We encourage all customers using Internet Explorer 8 to apply the Fix it workaround discussed in Microsoft KB Article 2847140<http://support.microsoft.com/kb/2847140> to help protect their systems.

Review Microsoft Security Advisory 2847140<http://technet.microsoft.com/security/advisory/2847140> for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ), and links to additional resources.

Customers who believe they are affected can find support at this location: http://support.microsoft.com/security/.

Additional Resources

*         Microsoft Security Advisory 2847140 - Vulnerability in Internet Explorer Could Allow Remote Code Execution - http://technet.microsoft.com/security/advisory/2847140

*         Microsoft KB Article 2847140 - Vulnerability in Internet Explorer Could Allow Remote Code Execution - http://support.microsoft.com/kb/2847140

*         Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc

*         Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc

*         Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft's security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's web-based security content, the information in Microsoft's web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager.

Thank you,
Microsoft CSS Security Team

[cid:image002.jpg at 01CDEE38.E348F100][cid:7FB55CF17BE89B498511A972ECCC4278 at namprd03.prod.outlook.com]





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20130513/a91d8c46/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Picture (Device Independent Bitmap) 1.jpg
Type: image/jpeg
Size: 1490 bytes
Desc: Picture (Device Independent Bitmap) 1.jpg
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20130513/a91d8c46/attachment-0001.jpg>


More information about the Faccus mailing list