Microsoft KB Archive/906294

= The use of monikers is no longer supported in Internet Explorer after installing the security updates provided by cumulative security update 896727 (MS05-038) =

Article ID: 906294

Article Last Modified on 10/11/2007

-

APPLIES TO

 Microsoft Internet Explorer 6.0 Service Pack 1, when used with:  Microsoft Windows XP Service Pack 1

 Microsoft Windows 2000 Service Pack 4

 Microsoft Windows 2000 Professional Edition

 Microsoft Windows 2000 Datacenter Server</li></ul>

 Microsoft Windows 2000 Advanced Server</li></ul>

 Microsoft Windows Millennium Edition</li></ul>

 Microsoft Windows 98 Second Edition</li></ul> </li> Microsoft Internet Explorer 6.0</li> Microsoft Internet Explorer 6.0, when used with:  Microsoft Windows XP Service Pack 2</li></ul>

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition</li></ul>

 Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

<ul> <li>Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems</li></ul>

<ul> <li>Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems</li></ul>

<ul> <li>Microsoft Windows Server 2003, Standard x64 Edition</li></ul>

<ul> <li>Microsoft Windows Server 2003, Enterprise x64 Edition</li></ul>

<ul> <li>Microsoft Windows XP Professional x64 Edition</li></ul> </li> <li>Microsoft Internet Explorer 5.5, when used with: <ul> <li>Microsoft Windows Millennium Edition</li></ul> </li> <li>Microsoft Internet Explorer 5.01 Service Pack 4, when used with: <ul> <li>Microsoft Windows 2000 Advanced Server</li></ul>

<ul> <li>Microsoft Windows 2000 Datacenter Server</li></ul>

<ul> <li>Microsoft Windows 2000 Service Pack 4</li></ul>

<ul> <li>Microsoft Windows 2000 Professional Edition</li></ul> </li></ul>

-

<div class="notice_section">

<div class="notice_section">

Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

<div class="symptoms_section">

SYMPTOMS
When you view a Web page in the products that are listed in the &quot;Applies to&quot; section and the Web page contains a moniker, the Web page may not work as expected. For example, an object that contains a Java moniker may not load.

This problem occurs after you install the cumulative security update that is referenced in the following Microsoft Knowledge Base article:

896727 MS05-038: Cumulative security update for Internet Explorer

<div class="resolution_section">

RESOLUTION
Because of security changes that were implemented in cumulative security update 896727, the use of custom monikers is no longer enabled. A custom moniker is used to reference and create an instance of an ActiveX control or to run code. For example, these monikers include the following. JAVA: NEW: SESSION: If the application uses the Microsoft Java Virtual Machine Java moniker, use one of the following methods to enable the use of custom monikers.

Method 1: Application written in Microsoft Visual J++
To resolve this problem if the application was written in Microsoft Visual J++, convert the application to a Microsoft Visual J# application.

For more information about how to convert the Visual J++ application to a Visual J# application, visit the following Microsoft Developer Network (MSDN) Web sites:

http://msdn2.microsoft.com/en-us/library/9seshy8c(VS.80).aspx

Method 2: Application written to the Microsoft SDK for Java
To resolve this problem if the application was written to the Microsoft SDK for Java, convert the application to a Visual J# application.

For more information about how to convert the Visual J++ application to a Visual J# application, visit the following MSDN Web site:

http://msdn2.microsoft.com/en-us/library/aa290083(VS.71).aspx

Note Other applications that use a custom moniker must be rewritten to remove the dependency on the custom moniker.

<div class="moreinformation_section">

MORE INFORMATION
Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

Note These steps disable a change that was implemented in cumulative security update 896727 that prevents the use of monikers. After you follow these steps, a Web page that contains a moniker will work as expected. However, we do not recommend that you make this change because it disables part of the security update. You should only make this change temporarily until you implement one of the methods in the &quot;Resolution&quot; section.

To work around this problem and to enable the use of monikers, you must install the cumulative security update for Internet Explorer that is described in security bulletin MS05-052. You must also create or modify registry subkeys. To do this, follow these steps: <ol> <li>Download and then install the cumulative security update for Internet Explorer that is described in security bulletin MS05-052. For more information about how to obtain and install this cumulative security update for Internet Explorer, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx

</li> <li>Click Start, click Run, type regedit, and then click OK.</li> <li>Locate and then click one of the following registry subkeys: <ul> <li>To enable the use of monikers per user, click the following registry subkey:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\

</li> <li>To enable the use of monikers per computer, click the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\

</li></ul> </li> <li>On the Edit menu, point to New, and then click Key.</li> <li>Type FEATURE_LIMIT_MONIKERS, and then press ENTER.</li> <li>Click FEATURE_LIMIT_MONIKERS.</li> <li>On the Edit menu, point to New, and then click DWORD Value.</li> <li>Type iexplore.exe, and then press ENTER.</li> <li>On the Edit menu, click Modify, type 0, and then click OK.

Note A value of 0 enables monikers to work in an Internet Explorer process. A value of 1 disables the use of monikers.</li> <li>Quit Registry Editor.</li></ol>

Keywords: kbbug kbfix kbqfe kbpubtypekc kbhotfixserver KB906294

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.