Microsoft KB Archive/316059

= MS02-005: February 11, 2002, Cumulative Patch for Internet Explorer =

Article ID: 316059

Article Last Modified on 3/29/2007

-

APPLIES TO


 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.01
 * Microsoft Internet Explorer 5.01
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0

-



This article was previously published under Q316059



IMPORTANT: The February 11, 2002 Cumulative Patch for Internet Explorer has been superseded by the February, 2003 Cumulative Patch for Internet Explorer. For additional information about how to obtain this patch, click the following article number to view the article in the Microsoft Knowledge Base:

810847 MS03-004: February, 2003 Cumulative Patch for Internet Explorer



SUMMARY
The February 11, 2002, Cumulative Patch for Internet Explorer includes updates for the issues that are described in the following Microsoft Knowledge Base articles:

286043 MS01-051: Patch Available for Telnet Logging Vulnerability

306121 MS01-051: Malformed &quot;Dotless&quot; IP Address Can Cause a Web Page to Be Handled in the Intranet Zone

308414 MS01-051: Patch Available for HTTP Request Encoding Vulnerability

312461 MS01-055: Internet Explorer Cookie Data Can Be Exposed or Altered Through Script Injection

313675 MS01-058: File Vulnerability Patch for Internet Explorer 5.5 and Internet Explorer 6

317726 MS02-005: Patch Is Available for the GetObject Scripting Function Vulnerability

317727 MS02-005: Patch Is Available for the Application Invocation via Content-Type Field Vulnerability

317729 MS02-005: Patch Is Available for a New Variant of the &quot;Frame Domain Verification&quot; Vulnerability

317731 MS02-005: Patch Is Available for the Buffer Overrun in HTML Directive Vulnerability

317742 MS02-005: Patch Is Available for the Script Execution Vulnerability

317745 MS02-005: Patch is Available for the File Download Dialog Box Spoofing Vulnerability

For more information about this patch, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/ms02-005.mspx

NOTES:  After you install this patch, calls to execScript may cause Internet Explorer to stop responding (hang). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

318426 BUG: Latest Security Patch (Q316059) Crashes Internet Explorer When You Call execScript

 After you install this patch, the Open button in the Open dialog box is unavailable if the Content-Type that is specified in the header does not match the file name that is specified in the Content-Disposition header. This behavior is by design for all cases, except if you try to open an .rtf file. To open an .rtf file, save the file, and then open it by using Windows Explorer.



MORE INFORMATION

 * Internet Explorer 6
 * Internet Explorer 5.5 Service Pack 2
 * Internet Explorer 5.5 Service Pack 1
 * Internet Explorer 5.01 Service Pack 2 (on Windows 2000 only)

Release Date: February 11, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Internet Explorer 6
The following file is available for download from the Microsoft Download Center:

Download Q316059.exe now

The English version of this update should have the following file attributes or later:   Date         Time   Version        Size       File name --  17-Aug-2001  21:43  6.0.2600.0        91,136  Advpack.dll 11-Jan-2002 17:16  6.0.2713.1100  2,753,536  Mshtml.dll 11-Jan-2002 16:23  6.0.2713.1100    548,864  Shdoclc.dll 15-Jan-2002 16:21  6.0.2713.1500  1,336,320  Shdocvw.dll 03-Dec-2001 12:52  6.0.2712.300     109,568  Url.dll 11-Jan-2002 17:18  6.0.2713.1100    479,744  Urlmon.dll 06-Jun-2000 15:43  4.71.704.0         2,272  W95inf16.dll 06-Jun-2000 15:43  4.71.16.0          4,608  W95inf32.dll 03-Dec-2001 13:55  6.0.2712.300     581,632  Wininet.dll You must restart your computer after you install this update. Uninstall is not available for this update.

This update is also available in Internet Explorer 6 Service Pack 1 (SP1). For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

328548 How to Obtain the Latest Internet Explorer 6 Service Pack

Internet Explorer 5.5 Service Pack 2
The following file is available for download from the Microsoft Download Center:

Download Q316059.exe now

The English version of this update should have the following file attributes or later:   Date         Time   Version             Size   File name --  06-Jun-2000  15:43  5.50.4134.600      92,432  Advpack.dll 14-Jan-2002 16:19  5.50.4913.1100  2,753,296  Mshtml.dll 15-Jan-2002 16:54  5.50.4913.1500  1,149,200  Shdocvw.dll 03-Dec-2001 13:48  5.50.4912.300     201,728  Url.dll 14-Jan-2002 16:19  5.50.4913.1100    451,856  Urlmon.dll 06-Jun-2000 15:43  4.71.704.0          2,272  W95inf16.dll 06-Jun-2000 15:43  4.71.16.0           4,608  W95inf32.dll 03-Dec-2001 14:35  5.50.4912.300     480,528  Wininet.dll You must restart your computer after you install this update. Uninstall is not available for this update.

Internet Explorer 5.5 Service Pack 1
The following file is available for download from the Microsoft Download Center:

Download Q316059.exe now

The English version of this update should have the following file attributes or later:   Date         Time   Version             Size   File name --  18-Dec-2001  10:48  5.50.4724.1700     79,120  Actxprxy.dll 06-Jun-2000 15:43  5.50.4134.600      92,432  Advpack.dll 17-Dec-2001 20:45  5.50.4724.1700     46,864  Digest.dll 21-Jan-2002 10:45  5.50.4725.2100  2,751,248  Mshtml.dll 17-Dec-2001 20:42  5.50.4724.1700    408,336  Mshtmled.dll 17-Dec-2001 20:43  5.50.4724.1700     71,952  Plugin.ocx 18-Dec-2001 10:48  5.50.4724.1700    494,352  Shdoc401.dll 21-Jan-2002 10:47  5.50.4725.2100  1,148,688  Shdocvw.dll 18-Dec-2001 09:52  5.50.4724.1700     23,312  Shfolder.dll

17-Dec-2001 20:41  5.50.4724.1700     84,240  Url.dll 21-Jan-2002 10:46  5.50.4725.2100    450,320  Urlmon.dll 06-Jun-2000 15:43  4.71.704.0          2,272  W95inf16.dll 06-Jun-2000 15:43  4.71.16.0           4,608  W95inf32.dll 18-Dec-2001 09:53  5.50.4724.1700    480,528  Wininet.dll You must restart your computer after you install this update. Uninstall is not available for this update.

Internet Explorer 5.01 Service Pack 2 (on Windows 2000 only)
This update is only for customers running Internet Explorer 5.01 Service Pack 2 on Windows 2000. If you are running Internet Explorer 5.01 on any other version of Windows, upgrade to Internet Explorer 5.5 Service Pack 2 or later and then apply this update.

The following file is available for download from the Microsoft Download Center:

Download Q316059.exe now

The English version of this update should have the following file attributes or later:   Date         Time   Version        Size       File name --  06-Jun-2000  15:43  5.50.4134.600     92,432  Advpack.dll 22-Jan-2002 03:07  5.0.3502.4856  2,275,088  Mshtml.dll 22-Jan-2002 03:07  5.0.3502.4856  1,096,976  Shdocvw.dll 04-Sep-2001 14:42  5.50.4909.400     84,240  Url.dll 22-Jan-2002 03:07  5.0.3502.4584    408,336  Urlmon.dll 06-Jun-2000 15:43  4.71.704.0         2,272  W95inf16.dll 06-Jun-2000 15:43  4.71.16.0          4,608  W95inf32.dll 22-Jan-2002 03:07  5.0.3502.4619    445,200  Wininet.dll You must restart your computer after you install this update. Uninstall is not available for this update.

This update is also available in Internet Explorer 5.01 Service Pack 3 for Windows 2000. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

267954 How to Obtain the Latest Internet Explorer 5.01 Service Pack

Known Issues
 You may receive the following error message when you try to install this patch:

Microsoft Internet Explorer Update

This update requires Internet Explorer  to be installed

This issue may occur if you try to install the wrong patch. Internet Explorer updates are specific to the version of Internet Explorer that you are running (including service pack level and any hotfixes) and language locale. For example, this error message occurs when you try to install an update for English Internet Explorer 6 on a computer that is running German Internet Explorer 6 or English Internet Explorer 6 SP1. To resolve this issue, install the correct version of the patch. If you are sure that you have the correct version of the patch, use the /n:v switch to install the patch. To confirm that you have the correct update package for this patch, follow these steps:

<ol> Click Start, and then click Run.</li> Type the following command to extract the contents of the update package to a temporary folder (in this example, the temporary folder is C:\Q316059 ): path\Q316059.exe /c /t:c:\q316059 </li> Click Start, and then click Search. Alternatively, click Start, point to Search, and then click For Files and Folders.</li> In the All or part of the file name box, type shdocvw.dll, and then click Search (or click Search Now).</li> After the search results appear, right-click the Shdocvw.dll file in your Windows\System32 folder, and then click Properties.</li> Click the Version tab, and then note the File version value.</li> Click Language, and then note the value.</li> Click OK.</li> Repeat steps 5 to 7 for the Shdocvw.dll file in your C:\Q316059 folder.</li> If the version of Shdocvw.dll in the C:\Q316059 folder is later (it has a greater number) than the version in your Windows\System32 folder, but it is earlier (it has a smaller number) than the next available version of Internet Explorer, you have the correct version of the patch. To determine the next available version of Internet Explorer, click the article number below to view the article in the Microsoft Knowledge Base:

164539 How to Determine Which Version of Internet Explorer Is Installed

Note If the language value is different, either obtain the correct update package for your Windows language version or use the /n:v switch to install this patch over an English version of Windows with Multilingual Menus and Dialog Boxes for Internet Explorer or the Windows 2000 or Windows XP MultiLanguage Version.</li></ol> </li> For additional information about known issues that may occur after you install this update, click the following article number to view the article in the Microsoft Knowledge Base:

325192 Issues After You Install Updates to Internet Explorer or Windows

</li></ul>

Additional query words: security_patch rollup

Keywords: kbinfo kbie501presp3fix kbsecvulnerability kbwin2000sp3fix kbsecurity kbie600sp1fix kbsecbulletin KB316059

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.