Note: This page is part of the archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact if you have any questions about the US-CERT website archive.

Alert (SA04-184A)

Important Internet Explorer Update Available

Systems Affected

Systems running Internet Explorer and Microsoft Windows


Microsoft has released an important security update for Internet Explorer (IE). This update greatly reduces the impact of attacks against several vulnerabilities in IE.


Several vulnerabilities in IE could allow a malicious web site or HTML email message to install software on your computer. This software could be used to steal sensitive financial information or perform other actions. Recent incident activity has been referred to as Download.Ject, JS.Scob.Trojan, Scob, and JS.Toofeer.

Microsoft has released a security update for IE that provides increased protection against this type of attack. Note that this update may not prevent attacks in all cases.


Install Critical Update

US-CERT recommends that users install the update from the Microsoft Download Center (KB870669) or the Windows Update web site.

Increase IE Security Settings

In addition, US-CERT strongly recommends that users modify IE security settings according to the instructions in the Malicious Web Scripts FAQ.

Further information is available from Microsoft in What You Should Know About Download.Ject.



This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No