February 2, 2004 Information Security Advisory

Earlier today, Microsoft issued an Internet Explorer security update. Although the update
is cummulative, it also contains patches for three newly discovered security vulnerabilities
that make the update worthy of your attention, even if you have been installing updates all
along.

The three new vulnerabilities could compromise the user's computer as follows:

The first vulnerability could result in the execution of scripts and run arbitrary code 
on a user's system.

The second vulnerability could allow a file to be saved in a target location on the user's 
system if the user clicked a link, without prompting the user to save the file. 

The third vulnerability could result in a misrepresentation of the URL in the address 
bar of an Internet Explorer window (URL spoofing).

Solution: go to http://v4.windowsupdate.microsoft.com/en/default.asp to download the 
security patch and install it (this is a 2.8 MB file download).


Happy safe computing!

Frederic Martin
www.workingarts.com

PS: If you want to be removed from this computer security advisory mailing list, please 
reply with "remove" in the subject of the message. To review archived security warnings, 
please go to http://www.workingarts.com/infosecarchives.html