Author Topic: Microsoft Security Advisory 2794220  (Read 770 times)

0 Members and 1 Guest are viewing this topic.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14286
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Microsoft Security Advisory 2794220
« on: December 29, 2012, 11:47:19 PM »
Microsoft released Security Advisory 2794220 to address an issue that affects Internet Explorer versions 6, 7 and 8.  Internet Explorer versions 9 and 10 are not affected.

At this time, Microsoft is aware of a very small number of targeted attacks.  This issue allows remote code execution if users browse to a malicious website with an affected browser.  Generally, this is a result of an attacker convincing someone to click a link in an email or instant message.

Additional information and recommendations in my blog post at Microsoft Security Advisory 2794220.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14286
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Advisory 2794220
« Reply #1 on: December 31, 2012, 09:44:39 PM »
A Microsoft Fix it is available. Details and links available here:  Fix it for Security Advisory 2794220 Available.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14286
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Advisory 2794220
« Reply #2 on: January 14, 2013, 12:03:47 AM »
An out-of-band update is scheduled for release tomorrow, Monday, January 14, 2013 to address Security Advisory 2794220.  If you installed the Fix it solution, it is not necessary to remove it prior to applying the security update.

Additional information:  Advance Notification for Update to Address Security Advisory 2794220


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14286
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Out-of-band Critical Security Update MS13-008 Released
« Reply #3 on: January 14, 2013, 05:22:21 PM »
Out-of-band Critical Security Update MS13-008 has been released for IE6, IE7 and IE8.

Contrary to the information provided in the MSRC Blog post announcement yesterday, although it is not necessary to remove the Fix it solution prior to installing the update, it is now recommended that it be removed after installing the update.

A direct link to the Fix it to disable the update is available in my blog post at MS13-008 Released for Security Advisory 2794220.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.