Microsoft Internet Explorer related Security Advisory updated

Discussion in 'Security Networking' started by Bill Sanderson MVP, Mar 28, 2006.

  1. http://www.microsoft.com/technet/security/advisory/917077.mspx

    I think this is worth bringing to the attention of readers in this group for
    a couple of reasons:

    1) to understand that the statistical effect of the attack is being
    monitored carefully--lots of eyes are on this, and some are being more
    careful about what they report than others are.

    2) That we all understand that the fix for this will be part of a cumulative
    security update for IE6. This update will also include the following fix:

    http://support.microsoft.com/kb/912945

    This change in IE behavior with regards to ActiveX controls may have
    substantial impact in some corporate settings--so you need to be prepared
    for this change.

    3) To understand that IE7 beta2 is immune to this one already. This beta
    does have one reported (and blogged about) installation issue that I haven't
    seen myself--but otherwise it is an easy install and just as easy uninstall
    back to IE6. A reboot is required. Updates to it are being distributed via
    WSUS, if you as the administrator enable them--just as you did with Windows
    Defender definitions.

    --
     
    Bill Sanderson MVP, Mar 28, 2006
    #1
    1. Advertisements

  2. Bill Sanderson MVP

    Guest Guest

    Hello,

    may i download IE7 on my XP Home. I see on the site the speek over XP pro
    and Vista.

    If i download on my XP Home shall i receive upgrade from IE7 ?

    Thanks
    Benoit



    "Bill Sanderson MVP" wrote:

    > http://www.microsoft.com/technet/security/advisory/917077.mspx
    >
    > I think this is worth bringing to the attention of readers in this group for
    > a couple of reasons:
    >
    > 1) to understand that the statistical effect of the attack is being
    > monitored carefully--lots of eyes are on this, and some are being more
    > careful about what they report than others are.
    >
    > 2) That we all understand that the fix for this will be part of a cumulative
    > security update for IE6. This update will also include the following fix:
    >
    > http://support.microsoft.com/kb/912945
    >
    > This change in IE behavior with regards to ActiveX controls may have
    > substantial impact in some corporate settings--so you need to be prepared
    > for this change.
    >
    > 3) To understand that IE7 beta2 is immune to this one already. This beta
    > does have one reported (and blogged about) installation issue that I haven't
    > seen myself--but otherwise it is an easy install and just as easy uninstall
    > back to IE6. A reboot is required. Updates to it are being distributed via
    > WSUS, if you as the administrator enable them--just as you did with Windows
    > Defender definitions.
    >
    > --
    >
    >
    >
    >
     
    Guest, Mar 29, 2006
    #2
    1. Advertisements

  3. Bill Sanderson MVP

    Tom Emmelot Guest

    Hello Beniot,

    in how many groups you start asking?

    Regards >*< TOM >*<

    benoit schreef:
    > Hello,
    >
    > may i download IE7 on my XP Home. I see on the site the speek over XP pro
    > and Vista.
    >
    > If i download on my XP Home shall i receive upgrade from IE7 ?
    >
    > Thanks
    > Benoit
    >
    >
    >
    > "Bill Sanderson MVP" wrote:
    >
    >
    >>http://www.microsoft.com/technet/security/advisory/917077.mspx
    >>
    >>I think this is worth bringing to the attention of readers in this group for
    >>a couple of reasons:
    >>
    >>1) to understand that the statistical effect of the attack is being
    >>monitored carefully--lots of eyes are on this, and some are being more
    >>careful about what they report than others are.
    >>
    >>2) That we all understand that the fix for this will be part of a cumulative
    >>security update for IE6. This update will also include the following fix:
    >>
    >>http://support.microsoft.com/kb/912945
    >>
    >>This change in IE behavior with regards to ActiveX controls may have
    >>substantial impact in some corporate settings--so you need to be prepared
    >>for this change.
    >>
    >>3) To understand that IE7 beta2 is immune to this one already. This beta
    >>does have one reported (and blogged about) installation issue that I haven't
    >>seen myself--but otherwise it is an easy install and just as easy uninstall
    >>back to IE6. A reboot is required. Updates to it are being distributed via
    >>WSUS, if you as the administrator enable them--just as you did with Windows
    >>Defender definitions.
    >>
    >>--
    >>
    >>
    >>
    >>
     
    Tom Emmelot, Mar 29, 2006
    #3
  4. I can see why the page is somewhat confusing--yes this will run fine with XP
    Home.

    If you already have a previous IE7 running, you need to uninstall that
    before installing the new version. It will upgrade IE6, however.

    --

    "benoit" <> wrote in message
    news:...
    > Hello,
    >
    > may i download IE7 on my XP Home. I see on the site the speek over XP pro
    > and Vista.
    >
    > If i download on my XP Home shall i receive upgrade from IE7 ?
    >
    > Thanks
    > Benoit
    >
    >
    >
    > "Bill Sanderson MVP" wrote:
    >
    >> http://www.microsoft.com/technet/security/advisory/917077.mspx
    >>
    >> I think this is worth bringing to the attention of readers in this group
    >> for
    >> a couple of reasons:
    >>
    >> 1) to understand that the statistical effect of the attack is being
    >> monitored carefully--lots of eyes are on this, and some are being more
    >> careful about what they report than others are.
    >>
    >> 2) That we all understand that the fix for this will be part of a
    >> cumulative
    >> security update for IE6. This update will also include the following
    >> fix:
    >>
    >> http://support.microsoft.com/kb/912945
    >>
    >> This change in IE behavior with regards to ActiveX controls may have
    >> substantial impact in some corporate settings--so you need to be prepared
    >> for this change.
    >>
    >> 3) To understand that IE7 beta2 is immune to this one already. This beta
    >> does have one reported (and blogged about) installation issue that I
    >> haven't
    >> seen myself--but otherwise it is an easy install and just as easy
    >> uninstall
    >> back to IE6. A reboot is required. Updates to it are being distributed
    >> via
    >> WSUS, if you as the administrator enable them--just as you did with
    >> Windows
    >> Defender definitions.
    >>
    >> --
    >>
    >>
    >>
    >>
     
    Bill Sanderson MVP, Mar 29, 2006
    #4
  5. Re: [important update]

    http://blogs.technet.com/msrc/archive/2006/03/29/423560.aspx
    --

    "Bill Sanderson MVP" <> wrote in message
    news:%...
    > http://www.microsoft.com/technet/security/advisory/917077.mspx
    >
    > I think this is worth bringing to the attention of readers in this group
    > for a couple of reasons:
    >
    > 1) to understand that the statistical effect of the attack is being
    > monitored carefully--lots of eyes are on this, and some are being more
    > careful about what they report than others are.
    >
    > 2) That we all understand that the fix for this will be part of a
    > cumulative security update for IE6. This update will also include the
    > following fix:
    >
    > http://support.microsoft.com/kb/912945
    >
    > This change in IE behavior with regards to ActiveX controls may have
    > substantial impact in some corporate settings--so you need to be prepared
    > for this change.
    >
    > 3) To understand that IE7 beta2 is immune to this one already. This beta
    > does have one reported (and blogged about) installation issue that I
    > haven't seen myself--but otherwise it is an easy install and just as easy
    > uninstall back to IE6. A reboot is required. Updates to it are being
    > distributed via WSUS, if you as the administrator enable them--just as you
    > did with Windows Defender definitions.
     
    Bill Sanderson MVP, Mar 29, 2006
    #5
  6. Bill Sanderson MVP

    Guest Guest

    Thanks for the answer to Tom and Bill

    for Tom : i understand not your question ? i have asked this here !! why ?

    benoit

    "Tom Emmelot" wrote:

    > Hello Beniot,
    >
    > in how many groups you start asking?
    >
    > Regards >*< TOM >*<
    >
    > benoit schreef:
    > > Hello,
    > >
    > > may i download IE7 on my XP Home. I see on the site the speek over XP pro
    > > and Vista.
    > >
    > > If i download on my XP Home shall i receive upgrade from IE7 ?
    > >
    > > Thanks
    > > Benoit
    > >
    > >
    > >
    > > "Bill Sanderson MVP" wrote:
    > >
    > >
    > >>http://www.microsoft.com/technet/security/advisory/917077.mspx
    > >>
    > >>I think this is worth bringing to the attention of readers in this group for
    > >>a couple of reasons:
    > >>
    > >>1) to understand that the statistical effect of the attack is being
    > >>monitored carefully--lots of eyes are on this, and some are being more
    > >>careful about what they report than others are.
    > >>
    > >>2) That we all understand that the fix for this will be part of a cumulative
    > >>security update for IE6. This update will also include the following fix:
    > >>
    > >>http://support.microsoft.com/kb/912945
    > >>
    > >>This change in IE behavior with regards to ActiveX controls may have
    > >>substantial impact in some corporate settings--so you need to be prepared
    > >>for this change.
    > >>
    > >>3) To understand that IE7 beta2 is immune to this one already. This beta
    > >>does have one reported (and blogged about) installation issue that I haven't
    > >>seen myself--but otherwise it is an easy install and just as easy uninstall
    > >>back to IE6. A reboot is required. Updates to it are being distributed via
    > >>WSUS, if you as the administrator enable them--just as you did with Windows
    > >>Defender definitions.
    > >>
    > >>--
    > >>
    > >>
    > >>
    > >>

    >
     
    Guest, Mar 29, 2006
    #6
  7. Bill Sanderson MVP

    Guest Guest

    Re: [important update]

    Hello

    in the text from Mike he speek over "Use Windows Update (and ideally
    Microsoft Update)"

    which is the difference i know windows update

    benoit



    "Bill Sanderson MVP" wrote:

    > http://blogs.technet.com/msrc/archive/2006/03/29/423560.aspx
    > --
    >
    > "Bill Sanderson MVP" <> wrote in message
    > news:%...
    > > http://www.microsoft.com/technet/security/advisory/917077.mspx
    > >
    > > I think this is worth bringing to the attention of readers in this group
    > > for a couple of reasons:
    > >
    > > 1) to understand that the statistical effect of the attack is being
    > > monitored carefully--lots of eyes are on this, and some are being more
    > > careful about what they report than others are.
    > >
    > > 2) That we all understand that the fix for this will be part of a
    > > cumulative security update for IE6. This update will also include the
    > > following fix:
    > >
    > > http://support.microsoft.com/kb/912945
    > >
    > > This change in IE behavior with regards to ActiveX controls may have
    > > substantial impact in some corporate settings--so you need to be prepared
    > > for this change.
    > >
    > > 3) To understand that IE7 beta2 is immune to this one already. This beta
    > > does have one reported (and blogged about) installation issue that I
    > > haven't seen myself--but otherwise it is an easy install and just as easy
    > > uninstall back to IE6. A reboot is required. Updates to it are being
    > > distributed via WSUS, if you as the administrator enable them--just as you
    > > did with Windows Defender definitions.

    >
    >
    >
     
    Guest, Mar 30, 2006
    #7
  8. Re: [important update]

    Microsoft Update does Office apps, and more, as well as Windows

    You can switch, and you can also switch back if there is something you don't
    like about the change--I think this URL will allow you to make the change:

    http://update.microsoft.com/microsoftupdate

    Once you've flipped the switch, WindowsUpdate and or autoupdate will get all
    the apps covered by Microsoft update--same way it has always worked--just
    more stuff, depending on what you are running it on, and what version of
    Office you have.

    --

    "benoit" <> wrote in message
    news:...
    > Hello
    >
    > in the text from Mike he speek over "Use Windows Update (and ideally
    > Microsoft Update)"
    >
    > which is the difference i know windows update
    >
    > benoit
    >
    >
    >
    > "Bill Sanderson MVP" wrote:
    >
    >> http://blogs.technet.com/msrc/archive/2006/03/29/423560.aspx
    >> --
    >>
    >> "Bill Sanderson MVP" <> wrote in message
    >> news:%...
    >> > http://www.microsoft.com/technet/security/advisory/917077.mspx
    >> >
    >> > I think this is worth bringing to the attention of readers in this
    >> > group
    >> > for a couple of reasons:
    >> >
    >> > 1) to understand that the statistical effect of the attack is being
    >> > monitored carefully--lots of eyes are on this, and some are being more
    >> > careful about what they report than others are.
    >> >
    >> > 2) That we all understand that the fix for this will be part of a
    >> > cumulative security update for IE6. This update will also include the
    >> > following fix:
    >> >
    >> > http://support.microsoft.com/kb/912945
    >> >
    >> > This change in IE behavior with regards to ActiveX controls may have
    >> > substantial impact in some corporate settings--so you need to be
    >> > prepared
    >> > for this change.
    >> >
    >> > 3) To understand that IE7 beta2 is immune to this one already. This
    >> > beta
    >> > does have one reported (and blogged about) installation issue that I
    >> > haven't seen myself--but otherwise it is an easy install and just as
    >> > easy
    >> > uninstall back to IE6. A reboot is required. Updates to it are being
    >> > distributed via WSUS, if you as the administrator enable them--just as
    >> > you
    >> > did with Windows Defender definitions.

    >>
    >>
    >>
     
    Bill Sanderson MVP, Mar 30, 2006
    #8
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. mike

    I know it's not related.

    mike, Feb 22, 2005, in forum: Security Networking
    Replies:
    2
    Views:
    505
  2. Nathan H
    Replies:
    1
    Views:
    571
    Andre Da Costa
    Jul 22, 2005
  3. Guest
    Replies:
    0
    Views:
    625
    Guest
    Dec 30, 2005
  4. Guest
    Replies:
    2
    Views:
    669
    Guest
    Jan 15, 2006
  5. Steve Dodson [MSFT]

    Windows Defender Release Notes Updated

    Steve Dodson [MSFT], Feb 16, 2006, in forum: Security Networking
    Replies:
    2
    Views:
    599
    Guest
    Feb 23, 2006
Loading...

Share This Page