U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Alert (SA05-102A)

Multiple Vulnerabilities in Microsoft Windows Components

Original release date: April 12, 2005

Systems Affected

  • Microsoft Windows Systems

  • For a complete list of affected versions of the Windows operating systems and components, refer to the April 2005 Updates for Windows, MSN Messenger, and Office.

    Overview

    There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, MSN Messenger, and Word.

    Description

    There are vulnerabilities in Microsoft Windows, Internet Explorer, MSN Messenger, and Word that may allow an attacker to take control of your computer or cause it to crash. To exploit some of these vulnerabilities, an attacker may attempt to convince you to view a malicious web page, image, or Word document.

    For more technical information, see US-CERT Technical Alert TA05-102A.

    Resolution

    Apply an update

    Obtain the appropriate updates from Windows Update or by using Automatic Updates.

    Do not follow unsolicited links

    Do not click on unsolicited links received in email, instant messages, web forums, or chat rooms. While this is generally a good security practice, following this behavior will not prevent the exploitation of these vulnerabilities in all cases.

    Maintain updated anti-virus software

    Anti-virus software with updated virus definitions may identify and prevent some exploit attempts. Update your anti-virus software. More information about viruses and anti-virus vendors is available on the US-CERT Computer Virus Resources page.

    References


    Authors: Eric J. Hayes and Art Manion. .

    Copyright 2005 Carnegie Mellon University. Terms of use

    Revision History

    • April 12, 2005: Initial release

    April 13, 2005: Updated feedback link

    Last updated

    This product is provided subject to this Notification and this Privacy & Use policy.

    Was this document helpful?  Yes  |  Somewhat  |  No

    Back to Top