NEWS FROM THE LAB - Thursday, December 2, 2004

Important note about Microsoft's MS04-040 update Posted by Sami @ 08:38 GMT

According to Microsoft, the MS04-040 update does not include all hotfixes or patches released since February's (MS04-004) or October's (MS04-038) Cumulative Updates for Internet Explorer. So, if you have received fixes via Microsoft or via their support providers, you should use Internet Explorer SP1 update rollup instead.

Like Ero mentioned earlier, MS04-040 fixes the Internet Explorer vulnerability that is exploited actively. This vulnerability was used, for example, by Bofra worm, so upgrading as soon as possible is highly recommended.