Microsoft KB Archive/311052

= Downloaded Programs Can Run on Internet Explorer 5.1 for Macintosh for OS X =

Article ID: 311052

Article Last Modified on 6/21/2004

-

APPLIES TO


 * Microsoft Internet Explorer 5.1 for Macintosh

-



This article was previously published under Q311052



SYMPTOMS
A vulnerability in Internet Explorer 5.1 for Macintosh could allow a program to run unexpectedly. If an attacker were to convince you to download a malicious program that is compressed as a BinHex or MacBinary file type, the program could run after the download process finished.

For such an attack to succeed, you would have to initiate the download process. This vulnerability cannot be used to automatically download and run malicious code on your computer.



CAUSE
This vulnerability results because of an issue in how Internet Explorer and Macintosh OS X interoperate when they handle downloaded MacBinary and BinHex files.



RESOLUTION
To resolve this problem, use the Software Update feature in Macintosh OS X version 10.1 to install the Internet Explorer 5.1 Security Update. Additional information about the Software Update feature is available at the following Apple Computer Web site:

http://www.apple.com/macosx/upgrade/softwareupdates.html

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.



STATUS
Microsoft has confirmed that this problem may cause a degree of security vulnerability in Internet Explorer 5.1 for Macintosh.



MORE INFORMATION
For additional information about this vulnerability, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS01-053.mspx

Additional query words: mac security_patch

Keywords: kbbug kbfix kbsecvulnerability kbsecurity kbsechack KB311052

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.