News
Serious Security Flaw in Microsoft Internet Explorer
Patches Released to Campus Machines - A security bulletin was issued December 17, 2008 about a serious vulnerability in Microsoft’s Internet Explorer web browser that could allow criminals to take control of people’s computers and steal personal information. IE users may be redirected to malicious websites when they browse other legitimate websites that have been hacked. Once rerouted, malware can be silently downloaded to the victim’s computer and then used to steal passwords and personal information. The flaw is primarily affecting machines that use Explorer 7.0, but other versions are also at risk. As a precaution, people are being advised to use an alternate browser, such as Mozilla’s Firefox or Apple Safari. A patch was released by Microsoft to correct the vulnerability and was "pushed out" to most UM-Dearborn campus machines yesterday. ITS administers the WSUS (Windows Software Update Services) server, which automatically downloads patches and routes them to desktop computers that are subscribed to the service. Patches are then automatically installed at the desktop to correct the defect. Most campus computers are subscribed to the WSUS server. If you have questions or require more information, please contact your local technical support unit or the ITS Help Desk via phone at 313-593-4357 or email at Helpdesk@umd.umich.edu. Information about the vulnerability is available at: http://www.microsoft.com/protect/computer/updates/bulletins/200812_oob.mspx
http://www.techweb.com/article/showArticle?articleID=212501006