Microsoft KB Archive/939653

= MS07-057: Cumulative security update for Internet Explorer =

Article ID: 939653

Article Last Modified on 1/5/2008

-

APPLIES TO

 Microsoft Internet Explorer 6.0 Service Pack 1, when used with:  Microsoft Windows NT 4.0 Service Pack 6a

 Microsoft Windows XP Professional

 Microsoft Windows XP Tablet PC Edition  Microsoft Internet Explorer 6.0, when used with:  Microsoft Windows Server 2003, Web Edition</li></ul>

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition</li></ul>

 Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

 Microsoft Windows Small Business Server 2003 Standard Edition</li></ul>

 Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems</li></ul> </li> Windows Internet Explorer 7 for Windows Server 2003 IA64</li> Windows Internet Explorer 7 for Windows XP</li> <li>Windows Internet Explorer 7 for Windows Server 2003</li> <li>Windows Internet Explorer 7 in Windows Vista</li></ul>

-

<div class="summary_section">

INTRODUCTION
Microsoft has released security bulletin MS07-057. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: <ul> <li>Home users:

http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx

Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:

http://update.microsoft.com/microsoftupdate/

</li> <li>IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms07-057.mspx

</li></ul>

<div class="moreinformation_section">

Known issues with this security update
<ul> <li>You may receive an error message that resembles the following when you try to visit a Web page in Windows Internet Explorer 7:

Webpage cannot be displayed

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

942818 Error message after you install a Windows Internet Explorer 7 update from Windows Update or from Microsoft Update: &quot;Webpage cannot be displayed&quot;

</li> <li>When you browse from one Web site to a different Web site in Microsoft Internet Explorer 6 in Windows XP, Internet Explorer 6 may crash.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

940072 When you browse from one Web site to a different Web site in Internet Explorer 6 on a Windows XP-based computer, Internet Explorer 6 crashes

</li> <li>ActiveX controls that prompt before they are loaded.

Note This issue occurs on Web sites that do not use the recommended techniques. This issue is resolved by using the techniques that are described on the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/ms537508.aspx

When certain controls are loaded on a Web page, the controls are not correctly masked by the functionality of this update. These controls include controls that are used in Macromedia Shockwave Director, in QuickTime Player, and in Virtools Web Player. When Windows determines that a control is inactive, the system prompts the user before the control is loaded.</li> <li>The use of monikers is no longer supported in Internet Explorer.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

906294 The use of monikers is no longer supported in Internet Explorer after installing the security updates provided by cumulative security update 896727 (MS05-038)

</li> <li>You create a custom administrative template file to customize Microsoft Win32 Internet (WinINet) settings on a computer that is running Windows XP Service Pack 2 (SP2). When you do this, WinINet ignores the policies that you set.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

904710 WinINet ignores the policies that you set when you create a custom administrative template file in Windows XP with Service Pack 2

</li></ul>

Non-security-related fixes that are included in this security update
Individual updates may be installed, depending on the operating system and affected application versions. Please view the individual articles to determine your update status.

General distribution release (GDR) fixes
<ul> <li>

918961 FIX: Internet Explorer 6 may exit with an access violation when the JavaScript garbage collector runs and you have dynamically removed a TBODY, THEAD, or TFOOT HTML tag from a table in Windows XP

</li> <li>

934014 FIX: Windows Internet Explorer 7 does not download an ActiveX control that is referenced in a CODEBASE attribute when you open a Web page that contains the OBJECT element and the CLSID attribute is missing

</li> <li>

935729 You cannot open a Web page by using Windows Internet Explorer 7 if the URL of the Web page contains non-ASCII characters

</li> <li>

941896 You cannot log on to an FTP site or you are redirected to the root folder of the FTP site in Internet Explorer 7

</li></ul>

Hotfixes
Security update 939653 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 939653 will install the GDR files. Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems. These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. For more information about how to install the hotfixes that are included in security update 939653, click the following article number to view the article in the Microsoft Knowledge Base:

897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer

Note In addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix.

For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base:

824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Keywords: kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbpubtypekc KB939653

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.