Microsoft KB Archive/889669

= An update rollup is available for Internet Explorer 6 Service Pack 1 =

Article ID: 889669

Article Last Modified on 2/6/2007

-

APPLIES TO

 Microsoft Internet Explorer 6.0 Service Pack 1, when used with:  Microsoft Windows XP Embedded

 Microsoft Windows XP Professional for Itanium-based systems

 Microsoft Windows 2000 Service Pack 4

 Microsoft Windows 2000 Service Pack 3</li></ul>

 Microsoft Windows NT 4.0 Service Pack 6a</li></ul>

 Microsoft Windows Millennium Edition</li></ul>

 Microsoft Windows 98 Second Edition</li></ul>

 Microsoft Windows 98 Standard Edition</li></ul> </li></ul>

-

<div class="notice_section">

<div class="summary_section">

SUMMARY
We have released update rollup 889669. This update rollup is intended for IT professionals who require Microsoft Internet Explorer hotfixes that were released after Microsoft Security Bulletin MS04-004. This update rollup includes the following fixes:
 * The cumulative security fixes that are in security update 889293.

Note Security update 889293 is documented in Microsoft Security Bulletin MS04-040.
 * Update 888092 and update 871248.
 * All Internet Explorer 6 Service Pack 1 (SP1) hotfixes that were released after Microsoft Security Bulletin MS04-004.

Update rollup 889669 is available from the Microsoft Download Center. You must install update rollup 889669 if you require an Internet Explorer 6 SP1 hotfix that was released after Microsoft Security Bulletin MS04-004.

Note If your computer is not running Internet Explorer 6 SP1 (version 6.00.2800.1106), install security update 889293 instead of update rollup 889669.

<div class="notice_section">

TABLE OF CONTENTS

 * INTRODUCTION
 * MORE INFORMATION
 * Download information
 * Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Windows XP Service Pack 1
 * Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows 98 Second Edition, Microsoft Windows Millennium Edition, Microsoft Windows NT, Windows 98
 * Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows XP 64-bit Edition
 * Installation information
 * Prerequisites
 * Restart requirements
 * Setup switches
 * Windows XP SP1 and Windows 2000 (all versions)
 * All other Windows versions
 * List of software updates that are included in this update rollup
 * File information
 * Removal information
 * Internet Explorer 6 Service Pack 1 on Windows 2000 and Windows XP
 * All other Windows versions
 * Known issues
 * Windows XP 64-Bit Edition, Version 2003
 * Windows XP, Windows 2000, Windows NT Server 4.0, Windows Millennium Edition, or Windows 98 Second Edition

<div class="summary_section">

INTRODUCTION
An update rollup is available for Microsoft Internet Explorer 6 SP1 (version 6.00.2800.1106). Update rollup 889669 includes security update 889293 (MS04-040) and Internet Explorer 6 SP1 hotfixes that were created after Microsoft Security Bulletin MS04-004. For Internet Explorer 6 Service Pack 1 for Microsoft Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP, Windows XP Service Pack 1, Windows NT Server 4.0 Service Pack 6a, Windows NT Server 4.0 Terminal Server Edition Service Pack 6, Windows 98, Windows 98 Second Edition, and Windows Millennium Edition, most Internet Explorer hotfixes are not included in MS04-040.

When you install one or more of the MS04-040 security updates for Internet Explorer 6 SP1, Internet Explorer hotfixes released since MS04-004 will be removed if the hotfix replaced one or more of the files listed in the &quot;Security Update Information&quot; section of Microsoft Security Bulletin MS04-040. Starting with MS04-025, cumulative hotfixes for Internet Explorer are available in a separate update rollup that includes both cumulative hotfixes and the security fixes included in the latest security update for Internet Explorer. For example, update rollup 871260 includes the cumulative security fixes in MS04-025 and hotfixes released since MS04-004. Update rollup 889669 includes the cumulative security fixes in MS04-040 and hotfixes released since MS04-004. For additional information about hotfixes included in update rollup 889669, see the &quot;List of fixes that are included in this update rollup&quot; section. The hotfix versions of the files that are included in this update rollup are installed regardless of whether you have previously installed an Internet Explorer hotfix to update one or more of the files that are listed in the &quot;Security Update Information&quot; section of the security bulletin. For additional information about the MS04-040 security updates (889293), visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS04-040.mspx

<div class="moreinformation_section">

Download information
Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Windows XP Service Pack 1

The following files are available for download from the Microsoft Download Center:

Download the Windows XP, Windows XP Service Pack 1, Windows 2000 Service Pack 3, and Windows 2000 Service Pack 4 package now.

Release Date: December 1, 2004

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Back to the top

Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows 98 Second Edition, Microsoft Windows Millennium Edition, Microsoft Windows NT, Windows 98

The following files are available for download from the Microsoft Download Center:

Download the Windows 98 Second Edition, Windows Millennium Edition, Windows NT, and Windows 98 package now.

Release Date: December 1, 2004

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Back to the top

Internet Explorer 6 Service Pack 1 (SP1) for Microsoft Windows XP 64-bit Edition

The following files are available for download from the Microsoft Download Center:

Download the Windows XP 64-Bit Edition package now.

Release Date: December 1, 2004

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Back to the top

Installation information
You must be logged on as an administrator to install update rollup 889669 and security update 889293. To install a downloaded version of update rollup 889669, run the 889669 update rollup package that you downloaded by using the appropriate Setup switches. If you are an enterprise administrator, you can deploy update rollup 889669 and security update 889293 by using Microsoft Systems Management Server (SMS) Feature Pack or by using SMS 2003. Microsoft Baseline Security Analyzer (MBSA) can recognize that update rollup 889669 has been installed and, if it has, to correctly indicate that MS04-040 is present. You can use SMS to deploy the security update or the update rollup. This is because MBSA recognizes the newer file versions of the rollup as equivalent to the MS04-040 security update from a security perspective. You cannot use MBSA to determine whether the update rollup is relevant for a specific computer. For example, you cannot use MSBA to determine whether the computer is running any post-MS04-004 hotfixes. You can only use MSBA to determine whether the minimum security baseline that is established by MS04-040 has been met. You cannot use Microsoft Software Update Services (SUS) to deploy update rollup 889669. For additional information about using SMS to deploy update rollup 889669 to only those computers that are running post-MS04-004 hotfixes or how to determine whether the update rollup has been installed on client computers, click the following article number to view the article in the Microsoft Knowledge Base:

867832 How to distribute software updates that are not detected by the Microsoft Baseline Security Analyzer in Systems Management Server 2003

You can use one of the following methods to verify that update rollup 889669 or security update 889293 has been installed:

WIndows 2000, Windows Server 2003, Windows XP 64-Bit Edition, Version 2003, and Windows XP (all editions)
 * Compare the versions of the updated files on your computer with the files that are listed in the &quot;File information&quot; section.
 * Confirm that the Installed DWORD value appears in the following registry key and that it has a data value of 1:

Note is the update article number.

All other Windows versions
 * Compare the versions of the updated files on your computer with the files that are listed in the &quot;File information&quot; section.
 * Confirm that the IsInstalled DWORD value appears in the following registry key and that it has a data value of 1:

Back to the top

Prerequisites
Microsoft has tested the versions of Windows and the versions of Internet Explorer that are listed in this article to assess whether they are affected by these vulnerabilities and to confirm that update rollup 889669 addresses these vulnerabilities.

To install update rollup 889669, your computer must be running Internet Explorer 6 SP1 (version 6.00.2800.1106) on one of the following versions of Windows:
 * Windows XP 64-Bit Edition, Version 2002
 * Windows XP Service Pack 1 (SP1)
 * Windows XP Windows 2000 Service Pack 4 (SP4)
 * Windows 2000 Service Pack 3 (SP3)
 * Windows NT Server 4.0 Service Pack 6a (SP6a)
 * Windows NT Server 4.0 Terminal Server Edition Service Pack 6 (SP6)
 * Windows Millennium Edition
 * Windows 98 Second Edition
 * Windows 98

Back to the top

Restart requirements
You must restart your computer to complete the installation.

Back to the top

Setup switches
 Windows XP and Windows 2000 (all versions) 

The Windows XP and Windows 2000 versions of update rollup 873377 and security update 889293 (MS04-040) support the following Setup switches:
 * /help: Displays the command-line options.
 * /quiet: Quiet mode (no user interaction or display).
 * /passive: Unattended mode (progress bar only).
 * /uninstall: Uninstalls the package.
 * /norestart: Do not restart when installation is complete.
 * /forcerestart: Restart after installation.
 * /l: Lists installed Windows hotfixes or update packages.
 * /o: Overwrite OEM files without prompting.
 * /n: Do not backup files needed for uninstall.
 * /f: Force other programs to close when the computer shuts down.
 * /extract: Extract the files without running Setup.

You can combine these switches in one command. For example, to install the update rollup without any user intervention, use the following command at a command prompt:

IE6.0sp1-KB889669-Windows-2000-XP-x86-enu /passive /quiet

To install the update rollup without forcing the system to restart, use the following command at a command prompt:

IE6.0sp1-KB889669-Windows-2000-XP-x86-enu /norestart

Back to the top

 All other Windows versions 

The other update packages for security update 889293 (MS04-040) and for update rollup 889669 support the following switches:
 * /q : Use Quiet mode or suppress messages when the files are being extracted.
 * /q:u : Use User-Quiet mode. User-Quiet mode presents some dialog boxes to the user.
 * /Q:A : Specifies administrator-quiet mode, which does not present any dialog boxes to the user.
 * /T: <full path: Specifies the target folder for extracting files.
 * /C: Extracts the files without installing them. If /T: path is not specified, you are prompted for a target folder.
 * /C: <Cmd>: Override Install Command defined by author. Specifies the path and name of the Setup .inf or .exe file.
 * /R:N: Never restarts the computer after installation.
 * /R:I: Prompts the user to restart the computer if a restart is required, except when used with /Q:A.
 * /R:A: Always restarts the computer after installation.
 * /R:S: Restarts the computer after installation without prompting the user.

You can combine these switches in one command. For example, to install the update rollup without any user intervention and to not force the system to restart, use the following command at a command prompt:

IE6.0sp1-KB889669-Windows NT4sp6a-98-ME-x86-ENU.exe /q:a /r:n

Back to the top

List of software updates that are included in this update rollup
Update rollup 889669 contains the following software updates:  

888092 You may receive an error message in module Mshtml.dll and Internet Explorer quits when you run a custom Web program in Internet Explorer 6

</li> A fix for a problem that causes Internet Explorer not to be able to locate the correct program associated with a particular file type. This problem occurs if the content-type header that is returned by the server contains trailing attributes, such as the character set. For example, if the content type that is returned by the server is &quot;text/xml; charset=utf-8,&quot; Internet Explorer may not be able to locate the program that is used to open the file. We will update this article as soon as the Microsoft Knowledge Base article that is associated with this problem, 871248, is published.</li> 

873377 An update rollup is available for Internet Explorer 6 Service Pack 1

</li> 

889293 MS04-040: Cumulative Security Update for Internet Explorer

</li></ul>

Back to the top

File information
The English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Internet Explorer 6 Service Pack 1 for Windows 2000 and Windows XP (32-Bit Edition):

Internet Explorer 6 Service Pack 1 for Windows XP (64-Bit Edition):

Internet Explorer 6 Service Pack 1 for Windows 98, Windows 98 SE, Windows Me, and Windows NT:

Back to the top

Internet Explorer 6 Service Pack 1 on Windows 2000 and Windows XP:
To remove this update, use Add or Remove Programs in Control Panel. The item that refers to this update lists it as a Windows update and not as an Internet Explorer update. This is a change from past Internet Explorer update rollups.

System administrators can use the Spunist.exe utility to remove this update rollup. The Spuninst.exe utility is located in the %Windir% \$NTUninstallKB nnnnnn $\Spuninst folder. This utility supports the following Setup switches:
 * /?: Show the list of installation switches.
 * /u: Use unattended mode.
 * /f: Force other programs to quit when the computer shuts down.
 * /z: Do not restart when the installation is complete.
 * /q: Use Quiet mode (no user interaction).

All other Windows versions
To remove this update, use Add or Remove Programs in Control Panel. Click Internet Explorer 889669, and then click Change/Remove or Add/Remove.

System administrators can use the Ieuninst.exe utility to remove this update. This security update installs the Ieuninst.exe utility in the %Windir% folder. This utility supports the following Setup switches:
 * /?: Show the list of supported switches.
 * /z: Do not restart when the installation is complete.
 * /q: Use Quiet mode (no user interaction).

For example, to remove this update quietly, use the following command:

c:\windows\ieuninst /q c:\windows\inf\q889669.inf

Note This command assumes that Windows is installed in the C:\Windows folder.

Back to the top

Windows XP 64-Bit Edition, Version 2003
To correctly remove more than one cumulative update for Internet Explorer on a computer that is running Windows XP 64-Bit Edition, Version 2003, you must remove the updates in the same order that you installed them. For example, if you install 818529 and then you install 828750, you must remove 828750 before you remove 818529. For additional information about known issues that may occur after you install this update, click the following article number to view the article in the Microsoft Knowledge Base:

325192 Issues after you install updates to Internet Explorer or Windows

Back to the top

Windows XP, Windows 2000, Windows NT Server 4.0, Windows Millennium Edition, or Windows 98 Second Edition
 After you remove update rollup 889669 from a computer that is running Windows XP, Windows 2000, Windows NT Server 4.0, Windows Millennium Edition, or Windows 98 Second Edition, you cannot remove previous cumulative updates for Internet Explorer, such as critical update 818529. This behavior is by design. Removal is supported only for the last cumulative update that you installed.</li> For additional information about known issues that may occur after you install this update, click the following article number to view the article in the Microsoft Knowledge Base:

325192 Issues after you install updates to Internet Explorer or Windows

</li></ul>

Back to the top

Additional query words: update rollup security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbfix kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe KB889669

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.