Microsoft KB Archive/323759

= MS02-047: August 22, 2002, Cumulative Patch for Internet Explorer =

Article ID: 323759

Article Last Modified on 10/29/2007


APPLIES TO


 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.01



This article was previously published under Q323759



SUMMARY
Microsoft has released a cumulative patch for Internet Explorer that includes updates for the issues that are described in the following Microsoft Knowledge Base articles:

321232 MS02-023: May 15, 2002, Cumulative Patch for Internet Explorer

316059 MS02-005: February 11, 2002, Cumulative Patch for Internet Explorer

319182 MS02-015: March 28, 2002, Cumulative Patch for Internet Explorer

This cumulative patch also prevents the following security vulnerabilities:

 * A buffer overrun vulnerability that affects the Gopher protocol handler. This vulnerability was originally described in Microsoft Security Bulletin MS02-027. This bulletin includes workaround instructions for use while this cumulative patch was being completed.
 * A buffer overrun vulnerability that affects an ActiveX control that is used to display specially formatted text. The control contains a buffer overrun vulnerability that can make it possible for an attacker to run code on a user's computer in the context of the user.
 * A vulnerability that involves how Internet Explorer handles an HTML directive that displays XML data. The directive is designed to only allow XML data from the Web site itself to be displayed. However, it does not correctly look for the case where a referenced XML data source is in fact redirected to a data source in a different domain. This flaw may make it possible for an attacker's Web page to open an XML-based file that resides on a remote computer in a browser window that the site can read. An attacker can then read contents from Web sites to which users had access but the attacker cannot view.
 * A vulnerability that involves how Internet Explorer represents the origin of a file in the File Download dialog box. This flaw can make it possible for an attacker to misrepresent the source of a file that is offered for download in an attempt to trick users into accepting a file download from an untrusted source and believing it to be coming from a trusted source.
 * A newly discovered variant of the "Frame Domain Verification" vulnerability that is described in Microsoft Security Bulletin MS02-005. This variant occurs because of improper domain checking when frames are invoked in conjunction with the Object tag. Because of this behavior, this vulnerability can make it possible for a malicious Web site operator to open two browser windows, one in the Web site's domain and the other on the user's local file. They can then pass system information from the latter to the former. This makes it possible for the Web site operator to read, but not change, any file on the user's local computer that can be opened in a browser window. Additionally, this particular variant can also make it possible for an attacker to start, but not pass parameters to, an executable file (.exe) on the local computer. This is much like the "Local Executable Invocation via Object tag" vulnerability that is described in Microsoft Security Bulletin MS02-015.
 * A newly reported variant of the "Cross-Site Scripting in Local HTML Resource" vulnerability that was originally described in Microsoft Security Bulletin MS02-023. Like the original variant, this vulnerability makes it possible for an attacker to create a Web page that, when opened, would run in the Local Computer zone. This means that it can run with fewer restrictions than it would in the Internet zone.
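The XML data source flaw described above is a check made against the URL written in the page rather than the URL the data is finally served from. The following added example (not Microsoft's code) contrasts the two checks over a constructed redirect map; the host names are hypothetical, and treating "the Web site itself" as scheme, host, and port is an assumption of the example.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def origin(url):
    """Return (scheme, host, port), normalising case and default ports."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return (scheme, (parts.hostname or "").lower(), port)

def resolve(url, redirects, max_hops=5):
    """Follow the redirect map and return every URL visited, in order."""
    chain = [url]
    while chain[-1] in redirects:
        if len(chain) > max_hops:
            raise ValueError("too many redirects")
        chain.append(urljoin(chain[-1], redirects[chain[-1]]))
    return chain

def naive_allows(page_url, data_url):
    """Flawed check: looks only at the URL referenced in the page."""
    return origin(page_url) == origin(data_url)

def strict_allows(page_url, data_url, redirects):
    """Hardened check: every hop, including the last, must match the page."""
    page = origin(page_url)
    return all(origin(hop) == page for hop in resolve(data_url, redirects))

# Constructed sample data; nothing here touches the network.
PAGE = "http://site-a.example/index.html"
REDIRECTS = {
    "http://site-a.example/data.xml": "http://intranet.example/report.xml",
    "http://site-a.example/local.xml": "/feeds/local-v2.xml",
}
```
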

In addition, the patch that is described in this article sets the "Kill Bit" on the MSN Chat ActiveX control that is described in Microsoft Security Bulletin MS02-022 as well as the TSAC ActiveX control that is described in Microsoft Security Bulletin MS02-046. This has been done to make sure that vulnerable controls cannot be introduced onto users’ systems. Microsoft recommends that customers who use the MSN Chat control make sure that they have applied the updated version of the control discussed in MS02-022:

MS02-022

Microsoft recommends that customers who use the TSAC control make sure that they have applied the updated version of the control discussed in MS02-046:

MS02-046

For additional information about using the "kill bit" to stop an ActiveX control from running in Internet Explorer, click the following article number to view the article in the Microsoft Knowledge Base:

240797 How to Stop an ActiveX Control from Running in Internet Explorer

For additional information about known issues that can occur when you install this update, click the article number below to view the article in the Microsoft Knowledge Base:

325192 Issues After You Install Updates to Internet Explorer or Windows

For additional information about the latest service pack for Microsoft Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack


MORE INFORMATION
For more information about this patch, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS02-047.mspx

Download Information
The following file is available for download from the Microsoft Download Center:

Download the Q323759 package now

Release Date: August 22, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The Internet Explorer 5.01 version of this update is for Windows 2000 only and is also available in Windows 2000 Service Pack 3 (SP3). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

Installation Information
The Internet Explorer 5.5 version of this update requires Internet Explorer 5.5 Service Pack 2 (SP2) or Service Pack 1 (SP1). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

276369 How to Obtain the Latest Service Pack for Internet Explorer 5.5

The Internet Explorer 5.01 version of this update is for Windows 2000 only and requires Windows 2000 Service Pack 2 (SP2). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

You must restart your computer after you apply this update. This package supports the following switches:
 * /q Specifies quiet mode, or suppresses prompts, when files are being extracted.
 * /q:u Specifies user-quiet mode, which presents some dialog boxes to the user.
 * /q:a Specifies administrator-quiet mode, which does not present any dialog boxes to the user.
 * /t:  Specifies the target folder for extracting files.
 * /c Extracts the files without installing them.
 * /c:  Specifies the path and name of the Setup .inf or .exe file.
 * /r:n Never restarts the computer after installation.
 * /r:i Restart if a restart is required - Automatically restarts the computer if it is required to complete installation.
 * /r:a Always restarts the computer after installation.
 * /r:s Restarts the computer after installation without prompting the user.
 * /n:v No version checking - Install the program over any previous version.

For example, the  /q:a /r:n command installs the update without any user intervention, and then it does not force the computer to restart.

WARNING: Your computer is vulnerable until you restart it and log on as an administrator to complete the installation.

NOTE: You cannot successfully install this update on Windows XP-based computers in non-interactive mode (for example, by using Windows Task Scheduler, Microsoft Systems Management Server, or Tivoli software from IBM). Microsoft is researching this problem and will post more information in this article when the information becomes available.

File Information
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

The following files are installed to the %WINDIR%\System32 folder:

<pre class="fixed_text">
Date         Time   Version         Size       File name    Internet Explorer Version
-------------------------------------------------------------------------------------
23-Jul-2002  15:49  6.0.2719.2200   2,759,680  Mshtml.dll   6
05-Mar-2002  03:09  6.0.2715.400      548,864  Shdoclc.dll  6
23-Jul-2002  15:51  6.0.2719.2200   1,336,320  Shdocvw.dll  6
23-Jul-2002  15:57  6.0.2715.400      109,568  Url.dll      6
23-Jul-2002  15:51  6.0.2719.2200     480,768  Urlmon.dll   6
06-Jun-2000  23:43  4.71.704.0          2,272  W95inf16.dll 6
06-Jun-2000  23:43  4.71.16.0           4,608  W95inf32.dll 6
06-Jun-2002  20:38  6.0.2718.400      583,168  Wininet.dll  6

06-Jun-2000  20:43  5.50.4134.600      92,432  Advpack.dll  5.5 SP2
22-Jul-2002  20:59  5.50.4919.2200  2,755,856  Mshtml.dll   5.5 SP2
22-Jul-2002  21:00  5.50.4919.2200  1,149,200  Shdocvw.dll  5.5 SP2
05-Mar-2002  01:53  5.50.4915.500      84,240  Url.dll      5.5 SP2
22-Jul-2002  21:01  5.50.4919.2200    451,344  Urlmon.dll   5.5 SP2
06-Jun-2000  20:43  4.71.704.0          2,272  W95inf16.dll 5.5 SP2
06-Jun-2000  20:43  4.71.16.0           4,608  W95inf32.dll 5.5 SP2
06-Jun-2002  21:27  5.50.4918.600     481,552  Wininet.dll  5.5 SP2

18-Dec-2001  15:48  5.50.4724.1700     79,120  Actxprxy.dll 5.5 SP1
06-Jun-2000  20:43  5.50.4134.600      92,432  Advpack.dll  5.5 SP1
18-Dec-2001  01:45  5.50.4724.1700     46,864  Digest.dll   5.5 SP1
22-Jul-2002  19:41  5.50.4731.2200  2,754,320  Mshtml.dll   5.5 SP1
18-Dec-2001  01:42  5.50.4724.1700    408,336  Mshtmled.dll 5.5 SP1
18-Dec-2001  01:43  5.50.4724.1700     71,952  Plugin.ocx   5.5 SP1
18-Dec-2001  15:48  5.50.4724.1700    494,352  Shdoc401.dll 5.5 SP1
24-Jul-2002  15:30  5.50.4731.2200  1,148,688  Shdocvw.dll  5.5 SP1
18-Dec-2001  14:52  5.50.4724.1700     23,312  Shfolder.dll 5.5 SP1
05-Mar-2002  01:53  5.50.4915.500      84,240  Url.dll      5.5 SP1
22-Jul-2002  19:43  5.50.4731.2200    450,832  Urlmon.dll   5.5 SP1
06-Jun-2000  20:43  4.71.704.0          2,272  W95inf16.dll 5.5 SP1
06-Jun-2000  20:43  4.71.16.0           4,608  W95inf32.dll 5.5 SP1
11-Jun-2002  19:33  5.50.4730.700     482,064  Wininet.dll  5.5 SP1

06-Jun-2000  20:43  5.50.4134.600      92,432  Advpack.dll  5.01 SP2
09-Sep-2001  22:31                     11,264  Instcat.exe  5.01 SP2
23-Jul-2002  14:53  5.0.3504.2500   2,355,472  Mshtml.dll   5.01 SP2
23-Jul-2002  14:54  5.0.3504.2500   1,106,192  Shdocvw.dll  5.01 SP2
05-Mar-2002  01:53  5.50.4915.500      84,240  Url.dll      5.01 SP2
23-Jul-2002  14:55  5.0.3504.2500     451,344  Urlmon.dll   5.01 SP2
06-Jun-2000  20:43  4.71.704.0          2,272  W95inf16.dll 5.01 SP2
06-Jun-2000  20:43  4.71.16.0           4,608  W95inf32.dll 5.01 SP2
07-Jun-2002  23:56  5.0.3506.1000     461,584  Wininet.dll  5.01 SP2
</pre>

NOTE: Due to file dependencies, this update may contain additional files.
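The "file attributes (or later)" wording above means each installed file should be at or above the listed version. The following added example (not part of the original article) checks a constructed inventory against the Internet Explorer 6 rows, comparing the four version fields as numbers because a text comparison ranks 6.0.2719.900 above 6.0.2719.2200; the `audit` and `parse_version` names and the observed values are assumptions of the example.

```python
# Minimum versions copied from the Internet Explorer 6 rows of the table above.
IE6_MINIMUMS = {
    "mshtml.dll": "6.0.2719.2200",
    "shdoclc.dll": "6.0.2715.400",
    "shdocvw.dll": "6.0.2719.2200",
    "url.dll": "6.0.2715.400",
    "urlmon.dll": "6.0.2719.2200",
    "w95inf16.dll": "4.71.704.0",
    "w95inf32.dll": "4.71.16.0",
    "wininet.dll": "6.0.2718.400",
}

def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of ints so fields compare numerically."""
    fields = text.strip().split(".")
    if len(fields) != 4 or not all(f.isdigit() for f in fields):
        raise ValueError(f"not a four-part file version: {text!r}")
    return tuple(int(f) for f in fields)

def audit(observed, minimums=IE6_MINIMUMS):
    """Map each listed file to 'ok', 'outdated', 'missing' or 'unreadable'."""
    seen = {name.lower(): version for name, version in observed.items()}
    report = {}
    for name, minimum in minimums.items():
        if name not in seen:
            report[name] = "missing"
            continue
        try:
            current = parse_version(seen[name])
        except ValueError:
            report[name] = "unreadable"
            continue
        report[name] = "ok" if current >= parse_version(minimum) else "outdated"
    return report

# Constructed inventory for a hypothetical host, as read from file properties.
OBSERVED = {
    "Mshtml.dll": "6.0.2719.900",   # above "2200" as text, below it as a number
    "Shdoclc.dll": "6.0.2715.400",
    "Shdocvw.dll": "6.0.2719.2200",
    "Url.dll": "6.0.2715.400",
    "Urlmon.dll": "6.0.2720.0",
    "W95inf16.dll": "4.71.704.0",
    "Wininet.dll": "n/a",
}

if __name__ == "__main__":
    for name, status in audit(OBSERVED).items():
        print(f"{name:14} {status}")
```
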

Additional query words: patch28

Keywords: kbproductlink kbhotfixserver kbqfe kbqfe kbwin2ksp4fix kbbug kbfix kbie501presp3fix kbie550presp3fix kbie600presp1fix kbsecbulletin kbsecurity kbsecvulnerability kbie600sp1fix KB323759


© Microsoft Corporation. All rights reserved.