There was a serious security hole in IE that was discovered recently, and
code exploits were in the wild. It was serious enough that my
university chose to recommend that everyone stop using IE until Microsoft
released a fix for this hole. They even pushed FireFox out to all domain
managed computers at the university.
I've never seen a response like this before, so I thought it was worth
warning a few lists I am on.
Microsoft has released an update and you should make sure to install it as
soon as possible. Your virus definitions would not have helped you in
this case. If you had been lured into going to a maliciously crafted web
site, or hit a legitimate site with a compromised ad on it, it was
possible to have remote code executed on your machine, at the same level
of permissions as the user running IE at the time. Since most people
don't set up users with limited access to their own machine, most people
are running with administrator privileges, so this could be pretty
serious.
Again, I rarely send out warnings of viruses or malware, but when I see a
response like this from our security office, I believe it to be a credible
and serious threat.
Again, Microsoft has released a fix and you should update as soon as
possible.
--
Blue skies.
Dan Rossi
Senior Oracle Database Administrator
Carnegie Mellon University.
E-Mail: [email protected]
Tel: (412) 268-9081
For answers to frequently asked questions about this list visit:
http://www.jaws-users.com/help/
