<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; "><DIV><BR class="khtml-block-placeholder"></DIV><DIV><BR class="khtml-block-placeholder"></DIV>------------------------<DIV><BR class="khtml-block-placeholder"></DIV><DIV class="MsoNormal">For Windows Users:</DIV><DIV class="MsoNormal"><BR class="khtml-block-placeholder"></DIV><DIV class="MsoNormal">If you are one of many Microsoft Internet Explorer users at MIT (recent analysis puts that number at around 40%) then you will want to make sure you have the recent update released by Microsoft. On September 26, 2006, Microsoft announced a fix for a major problem identified as Microsoft Bulletin MS06-055. </DIV><DIV class="MsoNormal"> <O:P></O:P></DIV><DIV class="MsoNormal">If you use a Windows machine running Internet Explorer you should apply the update immediately unless your local system administrator instructs you to do otherwise. The update is available automatically through WAUS <A href="http://web.mit.edu/ist/topics/windows/updates/">http://web.mit.edu/ist/topics/windows/updates/</A> or from the Microsoft Security Bulletin page <A href="http://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx">http://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx</A>. </DIV><DIV class="MsoNormal"> <O:P></O:P></DIV><DIV class="MsoNormal">Summary of the problem: This patch addresses a user based exploit in the Vector Markup Language. If you happen to browse to a specially crafted Web page or view an HTML e-mail that exploits this vulnerability,<SPAN style="mso-spacerun: yes"> </SPAN>malicious code could potentially be downloaded to your computer, causing serious problems. </DIV><DIV class="MsoNormal"> <O:P></O:P></DIV><DIV class="MsoNormal">Please take the steps recommended below according to the version of Windows you are running.</DIV><DIV class="MsoNormal"> <O:P></O:P></DIV><P class="MsoNormal" style="text-indent: -24px;margin-left: 0.25in; "><SPAN style=""><FONT class="Apple-style-span" face="Symbol">·</FONT><SPAN style="font:7.0pt " times="" new="" roman""=""> </SPAN></SPAN>Microsoft Windows XP with Service Packs 1, 2 or Professional x64 Edition -- Download the update</P><P class="MsoNormal" style="text-indent: -24px;margin-left: 0.25in; "><SPAN style=""><FONT class="Apple-style-span" face="Symbol">·</FONT><SPAN style="font:7.0pt " times="" new="" roman""=""> </SPAN></SPAN>Microsoft Windows Server 2003 with Service Pack 1 or SP1 for Itanium-based Systems<SPAN style="mso-spacerun: yes"> </SPAN>-- Download the update</P><P class="MsoNormal" style="text-indent: -24px;margin-left: 0.25in; "><SPAN style=""><FONT class="Apple-style-span" face="Symbol">·</FONT><SPAN style="font:7.0pt " times="" new="" roman""=""> </SPAN></SPAN>Microsoft Windows Server 2003 for Itanium-based Systems or running x64 Edition -- Download the update</P><P class="MsoNormal" style="text-indent: -24px;margin-left: 0.25in; "><SPAN style=""><FONT class="Apple-style-span" face="Symbol">·</FONT><SPAN style="font:7.0pt " times="" new="" roman""=""> </SPAN></SPAN>Microsoft Windows 2000 (all levels) -- Download the update</P><P class="MsoNormal" style="text-indent: -24px;margin-left: 0.25in; "><SPAN style=""><FONT class="Apple-style-span" face="Symbol">·</FONT><SPAN style="font:7.0pt " times="" new="" roman""=""> </SPAN></SPAN>Other unsupported versions of Microsoft Windows -- Refer to the Microsoft Bulletin referenced above.</P><DIV class="MsoNormal" style="text-indent: 0px;"> <O:P></O:P></DIV><DIV class="MsoNormal">The very best first line of defense against vulnerabilities is to take Microsoft patches automatically whenever feasible. We want to thank everyone who already uses Microsoft's Automatic Update Service or MIT's local Windows Automatic Update Service, and if you already use one of these services, the patch has likely already been installed on your machine.</DIV><DIV class="MsoNormal"><BR class="khtml-block-placeholder"></DIV><DIV class="MsoNormal">Thank you,</DIV><DIV><BR><DIV> <SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><DIV>Monique Yeaton</DIV><DIV>IT Security Awareness Consultant</DIV><DIV>MIT Information Services & Technology (IS&T)</DIV><DIV><BR class="khtml-block-placeholder"></DIV><BR class="Apple-interchange-newline"></SPAN></SPAN> </DIV><BR></DIV></BODY></HTML>