===========================================================================
A U S C E R T A L E R T
AL-2003.19 -- AUSCERT ALERT
Cumulative Patch for Internet Explorer (828750)
Microsoft Security Bulletin MS03-040
05 October 2003
===========================================================================
AusCERT Alert Summary
---------------------
Product: Internet Explorer 6.0
Internet Explorer 5.5
Internet Explorer 5.01
Publisher: Microsoft
Operating System: Windows
Impact: Execute Arbitrary Code/Commands
Access Required: Remote
CVE Names: CAN-2003-0809, CAN-2003-0838
Ref: AU-2003.013
AA-2003.03
ESB-2003.0588
Due to the severity and current exploitation of this vulnerability,
AusCERT is release this information as an AusCERT Alert.
For additional information and appropriate patches, please reference
the Microsoft Security Bulletin MS03-040, available at:
http://www.microsoft.com/technet/security/bulletin/ms03-040.asp
For information on viruses and trojans currently exploiting these
vulnerabilities, please see:
http://www.f-secure.com/v-descs/delude.shtml
http://www.sophos.com/virusinfo/analyses/trojqhosts1.html
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100719
http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html
AusCERT will continue to monitor this vulnerability and any changes in
exploit activity. AusCERT members will be updated as information becomes
available.