PROBLEM: Two vulnerabilities have been identified in the way that Microsoft(r) Internet Explorer (IE) handles digital certificates. PLATFORM: All systems running: - Microsoft Internet Explorer 4.0 - Microsoft Internet Explorer 4.01 - Microsoft Internet Explorer 5.0 - Microsoft Internet Explorer 5.01 DAMAGE: If exploited, a malicious web site operator could pose as a trusted web site. SOLUTION: Apply the patch. This patch does require IE 5.01 to install. A version for IE 4.01 Service Pack 2 will be released shortly.
VULNERABILITY Risk is low. This vulnerability requires fairly restricted ASSESSMENT: circumstances to be exploited.
Voice: +1 925-422-8193 (7 x 24) FAX: +1 925-423-8002 STU-III: +1 925-423-2604 E-mail: firstname.lastname@example.org World Wide Web: http://www.ciac.org/ http://ciac.llnl.gov (same machine -- either one will work) Anonymous FTP: ftp.ciac.org ciac.llnl.gov (same machine -- either one will work)