Internet Explorer Security Patches IE Security Patches for 2004 Forrest Stroud
Internet Explorer / Outlook Express Security Patches for 2004
12.02.04.MS04-040 - Dec Cumulative Patch for IE. Severity Rating: Critical New: Eliminates HTML Elements Vulnerability (also known as IFRAME Vulnerability). The cumulative update additionally includes patches for all previously fixed vulnerabilities.
10.12.04.MS04-038 - Oct Cumulative Patch for IE. Severity Rating: Critical New: Eliminates seven flaws: CSS Heap Memory Corruption Vulnerability, Similar Method Name Redirection Cross Domain Vulnerability,
Install Engine Vulnerability, Drag and Drop Vulnerability, Address Bar Spoofing on Double Byte Character Set Systems Vulnerability, Plug-in Navigation Address Bar Spoofing Vulnerability, Script in Image Tag File Download Vulnerability, and SSL Caching Vulnerability (plus patches for all previously fixed vulnerabilities).
09.12.04.MS04-038 - Buffer Overrun in JPEG Processing (GDI+). Severity Rating: Critical. (Updated 10.12.04) New: This is a patch for the Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution vulnerability, which exists in the processing of JPEG image formats. The security hole could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
09.20.04.Security Update for Internet Explorer 6 SP1 New: This update patches a security issue that could allow an attacker to compromise a computer running Windows and gain complete control over it. (The update appears as Microsoft VGX 833989 in the Add/Remove Programs section of the Control Panel.)
07.30.04.MS04-025 - July Cumulative Patch for IE. Severity Rating: Critical. (Revised 08.01.04) New: Eliminates Navigation Method Cross-Domain Vulnerability, Malformed BMP File Buffer Overrun Vulnerability, and Malformed GIF File Double Free Vulnerability (plus patches for all previously fixed vulnerabilities)
07.02.04.Fix for Download.Ject Trojan. Severity Rating: Critical New: 'Configuration change' (and Windows Update download) to resolve Download.Ject Trojan (Note: Windows XP SP2 RC2 users are not at risk of this vulnerability)
