================= SPONSORED BY AXENT TECHNOLOGIES ===================
FREE Windows 2000 Security WebCast
AXENT(r)'s "Everything You Need to Know about Windows 2000 Security"
WebCast on March 30 will inform you of Windows 2000's first security
patch, its potential defects, as well predictions for what's to come.
It also highlights a number of new security features.
Space is limited - register today at
http://www.win2000mag.com/jump.cfm?ID=13
AXENT is the leading provider of e-security solutions for your
business, delivering integrated products and expert services to 45
of the Fortune 50 companies.
=====================================================================

February 18, 2000 - Two risks were discovered: Microsoft reported a
problem with its Internet Explorer version 4.x and 5.x that may expose
files on a user's system with their permission. A patch is now
available along with a FAQ and support online article regarding this
matter.

Stephane Aubert reported a problem with Win2K Professional that may
allow an intruder to gain Administrator access to the system in a
particular window of time during the installation process. The problem
may affect Server versions of the new operating system as well, however
testing against Server has not yet been confirmed. We verified that
Microsoft is aware of the matter however they have made no official
comments at the time of this writing.

  * Win2K Pro Exposes System During Install
    http://www.ntsecurity.net/go/load.asp?iD=/security/win2kpro2.htm

  * IE Exposes User Files
    http://www.ntsecurity.net/go/load.asp?iD=/security/ie510.htm

Thanks for subscribing to Security UPDATE.

Please tell your friends about this newsletter and alert list!

Sincerely,
The Security UPDATE Team
security@ntsecurity.net

=======================================================================
TO UNSUBSCRIBE from this alert list DO NOT REPLY, instead send e-mail
to listserv@listserv.ntsecurity.net with the words "unsubscribe
securityupdate" in the body of the message without the quotes.

TO SUBSCRIBE to this alert list, send e-mail to the same address listed
above with the words "subscribe securityupdate anonymous" in the body
of the message without the quotes.
=======================================================================
             Security UPDATE is powered by LISTSERV(R) software
                 http://www.lsoft.com/LISTSERV-powered.html
=======================================================================
Copyright (c) 2000 Duke Communications Intl. Inc. - ALL RIGHTS RESERVED
Forwarding this email is permitted, as long as the entire message body,
the mail header, and this notice are included.