Microsoft Security Bulletin MS03-040 - 828750

[PA Bear]

Title: Cumulative Patch for Internet Explorer Execution (828750)
Date: October 3, 2003
Software:
Internet Explorer 5.01
Internet Explorer 5.5
Internet Explorer 6.0
Internet Explorer 6.0 for Windows Server 2003
Impact: Run code of attacker's choice.
Maximum Severity Rating: Critical
Bulletin: MS03-040

The Microsoft Security Response Center has released Microsoft Security
Bulletin MS03-040

What Is It?
The Microsoft Security Response Center has released Microsoft Security
Bulletin MS03-040 which concerns a vulnerability in Internet Explorer.
Customers are advised to review the information in the bulletin, test and
deploy the patch immediately in their environments, if applicable.

More information is now available at
http://www.microsoft.com/technet/security/bulletin/MS03-040.asp

The October 2003 Cumulative Patch for Internet Explorer is available via
Windows Update. Please disable your anti-virus application and close all
other running Windows-based processes before going to Windows Update to
download/install this patch.

If you have trouble using Windows Update, check out the Windows Update
Troubleshooter at http://v4.windowsupdate.microsoft.com/troubleshoot/
--
HTH...Please post back to this thread

~Robear Dyer (aka PA Bear)
MS MVP-Windows (IE/OE)
http://mvp.support.microsoft.com
AH-VSOP
http://forum.aumha.org/

 

[Papa]

I just installed it. The installation went through without a hitch. Should I
have expected a possible problem? Thanks.

 

[Michael Jennings]

I think they are making advances on sealing off the object type
vulnerability. This looks like patch 3 (20, 32, 40) but
I can't make out how it completely covers 2002-0532:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0532

http://www.microsoft.com/technet/security/bulletin/MS03-032.asp

I just installed it. The installation went through without a hitch.
Should I have expected a possible problem? Thanks.

"Guardian of the Newsgroups!"
(according to Eli Aran <G>)

 

[charlize]

did microsoft change the update from wednesday to friday?
for months now i have updated on wednesday.
thanks

 

[PA Bear]

MS releases critical patches after they've been thoroughly (...) tested. It
is indeed unusual for such a patch to be released late on a Friday so MS
must feel this one's pretty urgent.
--
HTH...Please post back to this thread

~Robear Dyer (aka PA Bear)
MS MVP-Windows (IE/OE)
http://mvp.support.microsoft.com
AH-VSOP
http://forum.aumha.org/

 

[Roger.]

Sorry I've just posted this and missed your message informing us earlier.
Yes mine went ok but did not disable AVG ! RO.

 

[David B. Haun]

Where is Knowegde Base article 828750 it has been more
than 24 hours?

 

[H Leboeuf]

Go directly to windows updates and download. Did it yesterday.
Had to disable my Firewall as it would not install otherwise.

 

[PA Bear]

MS03-040: October, 2003, Cumulative Patch for Internet Explorer
http://support.microsoft.com/?kbid=828750

This page has been available since ~04:00 GMT, 04 Oct-03.
--
HTH...Please post back to this thread

~Robear Dyer (aka PA Bear)
MS MVP-Windows (IE/OE)
http://mvp.support.microsoft.com
AH-VSOP
http://forum.aumha.org/