• 503-906-8800 (sales)
• 503-906-1600 (main)
• subscribe
• contact us

• Home
• Blog
• Services
  • IT Solutions
  • Network Support
  • Monitoring
  • Small Business
  • Corporate Solutions
• About Us
  • Company Profile
  • HDIT
  • Newsroom
  • Core Values
  • Employees
  • Leadership Team
  • Customer Feedback
  • Contact Us

Microsoft Cannot Protect our clients, but we can…

---

Security Update Applied

On Tuesday, Microsoft released Security Advisory 972890 for Internet Explorer running on Windows XP and Windows Server 2003.  This security vulnerability, which currently is being exploited, can enable an attacker to run code as the logged-on user if they browse to a malicious site or to a legitimate site with a malicious banner advertisement.

The vulnerability rests in an unused ‘feature’ of how ActiveX controls are handled by Internet Explorer.  While Windows Vista and Server 2008 are not vulnerable Microsoft still recommended that changes be made to those systems to prevent future attacks.

Microsoft did not release a patch via their regular patching mechanism to plug this security vulnerability but Microsoft has recommended a workaround.   As outlined in the Microsoft security advisory, Convergence Networks has used its Deverra tool to script the changes required to plug the hole.  Convergence Networks tested the changes internally, both on its test machines and then on its production workstations and servers.  Using Deverra, the changes were then deployed to all of the workstations and servers under the management of Convergence.

Internet Explorer will now ignore any attempt by malicious websites to exploit this vulnerability and your machines are protected from this attack.  In other words, your systems are safe, and you can go into the weekend with peace of mind.

If you would like to receive more information simply contact us.

---

What People Are Saying