Microsoft KB Archive/867801

= MS04-025: Cumulative security update for Internet Explorer =

Article ID: 867801

Article Last Modified on 6/1/2006

-

APPLIES TO


 * Microsoft Internet Explorer 5.0
 * Microsoft Internet Explorer 6.0

-



SUMMARY
Microsoft has released security bulletin MS04-025. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx

For additional information about the latest service pack for Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:

322389 How to obtain the latest Windows XP service pack



Known Issues
 This update may not include all hotfixes for Microsoft Internet Explorer that have been provided since the release of security update 832894 (MS04-004). For additional information about security update 832894, click the following article number to view the article in the Microsoft Knowledge Base:

832894 MS04-004: Cumulative Security Update for Internet Explorer

If you received hotfixes from Microsoft or from your support provider since the release of security update 832894 (MS04-004), review the FAQ section of security bulletin MS04-025 to determine how this update may affect your operating system. If you require an Internet Explorer hotfix that is not included in security update 867801, install update rollup 871260. For additional information about update rollup 871260, click the following article number to view the article in the Microsoft Knowledge Base:

871260 An update rollup is available for Internet Explorer

For additional information about terminology for Microsoft software updates, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Notes:  You may require an Internet Explorer hotfix that does not include the Mshtml.dll file or the Shlwapi.dll file. If this hotfix was created after security update 832894 (MS04-004), you may be able to install security update 867801 (MS04-025) and then reinstall the hotfix that was created after security update 832894 (MS04-004). If you are not sure if you require an Internet Explorer hotfix that is not included in this security update, install security update 867801. If you experience problems that are related to a missing hotfix after you install security update 867801, install update rollup 871260.  This security update adds additional restrictions to the cross-domain security model in Internet Explorer. If you are a developer of Internet Explorer-based code that is affected by these changes, we recommend that you examine the security implications of your product and explore changes to your Internet Explorer-based code to work around these changes. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

875345 A security update is available that adds additional restrictions to the cross-domain security model that is used by Internet Explorer

 If hotfix 840309 is installed, you may experience unrecoverable errors in Windows Explorer (Explorer.exe) after you install security update 867801. For additional information about hotfix 840309 and steps to prevent or work around this issue, click the following article number to view the article in the Microsoft Knowledge Base:

840309 Browsing the My Documents folder on a network share with Windows Explorer from a Windows XP-based computer takes longer than expected



Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated BMP buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000 Cross-Domain Vulnerability

Keywords: atdownload kbwinxpsp2fix kbsecurity kbsecbulletin kbsecvulnerability kbwinxppresp2fix kbbug kbfix kbwinserv2003presp1fix kbwin2000presp5fix kbwinnt400presp7fix kbhotfixserver kbqfe KB867801

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.