[BigFix-Announcements] BES Auto Notification: New Fixlets Published
in Fixlet Site: EnterpriseSecurity
autonotify at bigfix.com
autonotify at bigfix.com
Sat Aug 20 02:02:48 PDT 2005
Fixlet Site - EnterpriseSecurity
Current Version: 614 Published: Wed, 17 Aug 2005 23:55:51 GMT
***************************************************************
Title: 906267: COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit
Severity: <Unspecified>
Fixlet ID: 90626701
Fixlet Link: http://www.microsoft.com/technet/security/advisory/906267.mspx
Fixlet Description: Microsoft has announced that the Microsoft DDS Library Shape Control (msdds.dll) COM object could, when called from a Web page displayed in Internet Explorer, cause Internet Explorer to unexpectedly exit. This condition could potentially allow remote code execution if a user visited a malicious Web site. This COM object is not marked safe for scripting and is not intended for use in Internet Explorer. Since msdds.dll was not designed to be accessed through Internet Explorer, this Fixlet message follows Microsoft's recommended workaround and sets the kill bit for msdds.dll.
More information about the BigFix-Announcements
mailing list