Note: This page is part of the archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact if you have any questions about the US-CERT website archive.

Alert (SA04-336A)

Update for Microsoft Internet Explorer

Systems Affected

  • Internet Explorer versions 6.0 and later


As previously mentioned in SA04-315A, an attacker may be able to take control of your computer by taking advantage of a vulnerability in Internet Explorer.


Apply an update

Microsoft has released an update to resolve this problem. Obtain the appropriate update from Windows Update or by using Automatic Updates.

Internet Explorer 6 on Windows XP SP2 is not vulnerable.


There is a vulnerability in the way Internet Explorer processes certain HTML code. By exploiting the vulnerability, an attacker may be able to take control of your computer or cause Internet Explorer to crash.

For more technical information, see TA04-336A.



Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

  • December 1, 2004: Initial release
    December 3, 2004: Added information about IE 6 on Windows XP SP2, added references to TA04-336A

Last updated

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No