Gary Flynn wrote: > > "Robert D." wrote: > > > > > > I'm I correct assuming this is the same problem discussed in MS00-043? > > I think its MS01-033. > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-033.asp Arghh. I'm getting punchy and trying to do too many things at once. That should be MS01-020. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp > That is probably for the better though. As I understand it, > the MS00-043 defect would trigger as soon as Outlook was started > and it read the mail headers. :( > > > In that case the following configurations are safe: > > > > IE 5.01 SP1 or later > > IE 5.5 or later ( except Windows 2000, sp1 safe?? ) > > If its MS01-033, they're not :) > > Worse, only 5.01sp1 and 5.5sp1 have patches available for > them. That means the Windows Update Site doesn't help. > I just went there with 5.50.4134.0600IS and it didn't tell > me I needed the patch. > > You haven't lived until you've tried to talk a Windows 95 > user with IE3 through the update process. :( > > http://www.jmu.edu/computing/info-security/engineering/issues/iemime.shtml > > -- > Gary Flynn > Security Engineer - Technical Services > James Madison University > > Please R.U.N.S.A.F.E. > http://www.jmu.edu/computing/runsafe -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 16:56:30 PDT