Microsoft KB Archive/889293

= MS04-040: Cumulative security update for Internet Explorer =

Article ID: 889293

Article Last Modified on 2/6/2007

-

APPLIES TO


 * Microsoft Internet Explorer 6.0 Service Pack 1

-





SUMMARY
Microsoft has released security bulletin MS04-040. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites:

Consumer:

http://www.microsoft.com/athome/security/update/bulletins/default.mspx

IT Professional:

http://www.microsoft.com/technet/security/bulletin/MS04-040.mspx

Microsoft Internet Explorer 6 Service Pack 1 (SP1) hotfixes that were released after Microsoft security bulletin MS04-004 may not be included in security update 889293. Security update 889293 is documented in Microsoft security bulletin MS04-040. Update rollup 889669 includes the cumulative security fixes in security update 889293 and Internet Explorer hotfixes that were released after Microsoft security bulletin MS04-004. Update rollup 889669 is available from the Microsoft Download Center. You may have to install update rollup 889669 if you require Internet Explorer 6 SP1 (version 6.00.2800.1106) hotfixes. For additional information about update rollup 889669, click the following article number to view the article in the Microsoft Knowledge Base:

889669 An update rollup is available for Internet Explorer 6 Service Pack 1

Notes  Microsoft Internet Explorer 6 Service SP1 hotfixes that were released after Microsoft security bulletin MS04-004 may not be included in security update 889293. Security update 889293 is documented in Microsoft security bulletin MS04-040. Update rollup 889669 includes the cumulative security fixes in security update 889293 and Internet Explorer hotfixes that were released after Microsoft security bulletin MS04-004. Update rollup 889669 is available from the Microsoft Download Center. You may have to install update rollup 889669 if you require Internet Explorer 6 SP1 (version 6.00.2800.1106) hotfixes. For additional information about update rollup 889669, click the following article number to view the article in the Microsoft Knowledge Base:

889669 An update rollup is available for Internet Explorer 6 Service Pack 1

 The following updates are included in all the 889293 security update packages:  

888092 You may receive an error message in module Mshtml.dll and Internet Explorer quits when you run a custom Web program in Internet Explorer 6

 A fix for a problem that causes Internet Explorer not to be able to locate the correct program associated with a particular file type. This problem occurs if the content-type header that is returned by the server contains trailing attributes, such as the character set. For example, if the content type that is returned by the server is &quot;text/xml; charset=utf-8,&quot; Internet Explorer may not be able to locate the program that is used to open the file. We will update this article as soon as the Microsoft Knowledge Base article that is associated with this problem, 871248, is published. 

Known Issues
 Microsoft Baseline Security Analyzer (MBSA), the scanning tool that is used by Microsoft Systems Management Server (SMS), can detect computers that require the security updates that are documented in Microsoft security bulletin MS04-040. However, for computers that are running Internet Explorer 6 SP1 for Microsoft Windows NT 4.0 and Internet Explorer 6 SP1 for Microsoft Windows 2000 and for Microsoft Windows XP, MBSA cannot provide SMS with the information that is required to download and deploy the appropriate MS04-040 security update packages. To resolve this problem, you can download an SMS deployment package from the Microsoft Download Center.

If you are deploying this fix by using Systems Management Server, see the details in the following Microsoft Knowledge Base article:

889410 Systems Management Server deployment packages are available for MS04-040 security updates for Internet Explorer 6 Service Pack 1

</li> On Windows 2000-based computers, in the Support Info dialog box for this security update, when you click Close, nothing happens. The Support Info dialog box is available from Add or Remove Programs in Control Panel. For additional information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

887754 Close button does not work in the Add or Remove Programs Support Info dialog box

</li> In Microsoft Windows Media Player, after you install this security update, when you click to play a chapter in some Windows Media High Definition Video (WMV HD) DVD disks, the chapter does not play. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

884487 A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player

</li></ul>

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbinfo kbfix kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe KB889293

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.