Microsoft KB Archive/867282

= MS05-014: Cumulative security update for Internet Explorer =

Article ID: 867282

Article Last Modified on 10/11/2007

-

APPLIES TO


 * Microsoft Internet Explorer 5.01 Service Pack 4
 * Microsoft Internet Explorer 5.01 Service Pack 3
 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Explorer 6.0 Service Pack 1
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Web Edition
 * Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional
 * Microsoft Windows XP Professional 64-Bit Edition (Itanium)
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional
 * Microsoft Windows XP Service Pack 1
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Service Pack 4
 * Microsoft Windows XP Professional x64 Edition

-





Microsoft has released security bulletin MS05-014. The security bulletin contains all the relevant information about the security update. This includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site.  Home users:

http://www.microsoft.com/athome/security/update/bulletins/default.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms05-014.mspx



Notes  Security update 867282 includes the cumulative security fixes that are documented in Microsoft security bulletin MS05-014 and the hotfixes for Microsoft Internet Explorer that were released after MS04-040. The installer verifies whether one or more of the files that are being updated on your computer have previously been updated by a Microsoft hotfix. However, the installer only detects hotfixes that were released since MS04-038 and since update rollup 873377 or update rollup 889669. The installer verifies whether one or more of the files that are being updated on the computer have previously been updated by a Microsoft hotfix. However, the installer detects only hotfixes that were released since security bulletin MS04-038 and since update rollup 873377 or update rollup 889669. Therefore, if you have a computer that has update rollup 873377, update rollup 889669, or a hotfix that was released after update rollup 873377, the installer automatically installs the hotfixes together with security update 867282. However, if the computer does not have update rollup 873377, update rollup 889669, or a hotfix that was released after security bulletin MS04-038, and you want to install the hotfixes that are included in cumulative security update 867282, you must follow the instructions in Microsoft Knowledge Base article 897225. Otherwise, your hotfixes will be removed. For more information how to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1, click the following article number to view the article in the Microsoft Knowledge Base:

897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1

 The following software updates are included in all the security update 867282 packages:  

889334 File upload in Internet Explorer 6 to a Web page may time out or take longer than expected to complete in Windows XP Service Pack 2

</li> 

889388 FIX: An access violation occurs in the digest!CList::GetNext method when you run two or more WinHTTP 5.1 applications at the same time that use Digest Authentication in Windows Server 2003

</li> 

890215 Applications that use the WinINet API may not respond to a server as expected when you use Internet Explorer 6

</li> 

890327 You receive an error message when you try to upload an HTML document to http://validator.w3.org

</li> 

841008 Automatic spelling checker warnings may not appear under misspelled words in Office InfoPath 2003 with S841008 or in other programs that use the automatic spelling checker

</li> 

818408 &quot;Windows - Delayed Write&quot; error message and Event ID 14800 when you try to copy a large file to a Web folder by using WebDAV

</li> 

884534 FIX: You receive a &quot;Page cannot be displayed&quot; error message in Internet Explorer when you click a hyperlink to view a Microsoft Office document

</li> 

873387 Outlook Web Access attachments are not saved correctly in Internet Explorer 6 Service Pack 1

</li> 

890208 FIX: Clicking a SELECT HTML element that is in a drop-down list may cause Internet Explorer 6 to crash

</li> 

872942 FIX: Windows Explorer leaks memory when you use the Windows Explorer tree view to browse different folders in Windows XP and Windows Server 2003

</li> 

883740 You receive the warning &quot;You are about to be redirected to a connection that is not secure.&quot; in Internet Explorer 6 Service Pack 1

</li> 

886801 FIX: A program that calls Wininet.dll takes longer than expected to quit

</li> 

888110 Internet Explorer 6 may stop responding when you try to change the content on a Microsoft SharePoint Portal Server 2001 site

</li> 

835183 An access violation occurs in Msxml3.dll when you try to quit Internet Explorer 6

</li> 

888406 The &quot;Back&quot; button is unavailable after you click a hyperlink in a Word document that you open in Internet Explorer 6.0 on a Windows XP-based computer

</li> <li>

884838 You receive a &quot;Microsoft Internet Explorer has encountered a problem and needs to close.&quot; error message when two pop-up windows appear at the same time in Internet Explorer 6 Service Pack 1

</li> <li>

832823 You receive an &quot;Access Violation (0xC0000005 exception)&quot; error in Internet Explorer 6.0

</li> <li>

889386 You may receive an access denied error message when a Web site redirects you to another Web page on a computer that is running Windows XP Service Pack 2

</li> <li>

889389 Internet Explorer may intermittently quit when you close a window in an HTML application in Internet Explorer 6 Service Pack 1

</li> <li>

892049 FIX: Internet Explorer 6.0 S892049 does not display the shortcut menu for an ActiveX control in Windows XP Service Pack 2

</li> <li>

837247 A link that has a specified target always opens in a new window if Internet Explorer is the startup program in a Terminal Services session or the shell for the operating system

</li></ul> </li></ul>

Known issues <ul> <li>Microsoft Baseline Security Analyzer (MBSA) is the scanning tool that is used by Microsoft Systems Management Server (SMS). MBSA can detect computers that require the security updates that are documented in Microsoft security bulletin MS05-014. However, for computers that are running Internet Explorer 6.0 Service Pack 1 for Microsoft Windows NT 4.0 and Internet Explorer 6.0 Service Pack 1 for Microsoft Windows 2000 and for Microsoft Windows XP, MBSA cannot provide SMS with the information that is required to download and to deploy the appropriate MS05-014 security update packages. To resolve this problem, you can download an SMS deployment package from the Microsoft Download Center. If you are deploying this fix by using Systems Management Server, see the details in the following Microsoft Knowledge Base article:

892937 Systems Management Server deployment packages are available that include security update MS05-014 for Internet Explorer 6 Service Pack 1

</li> <li>In some Windows Media High Definition Video (WMV HD) DVDs, a chapter that you click to play does not play in Microsoft Windows Media Player after you install this security update. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

884487 A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player

</li> <li>After you install security update 867282, Internet Explorer crashes when you copy images from Web sites that use the &quot; &quot; tag.

894926 After you install security update 867282 that is included with Security Bulletin MS05-014, Internet Explorer crashes when you copy images from Web sites that use the &lt;input type=image&gt; tag

</li></ul>

Technical support for Windows x64 editions
Your hardware manufacturer provides technical support and assistance for Microsoft Windows x64 editions. Your hardware manufacturer provides support because a Windows x64 edition was included with your hardware. Your hardware manufacturer might have customized the Windows x64 edition installation with unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware. Microsoft will provide reasonable-effort assistance if you need technical help with your Windows x64 edition. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.

For product information about Microsoft Windows XP Professional x64 Edition, visit the following Microsoft Web site:

http://www.microsoft.com/windowsxp/64bit/default.mspx

For product information about Microsoft Windows Server 2003 x64 editions, visit the following Microsoft Web site:

http://www.microsoft.com/windowsserver2003/64bit/x64/default.mspx

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000 Winx64 Windowsx64 64bit 64-bit

Keywords: kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbwinnt400presp7fix kbsecbulletin kbwinxppresp2fix kbwin2000presp5fix kbwinserv2003presp1fix kbhotfixserver KB867282

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.