Microsoft KB Archive/890923

= MS05-020: Cumulative security update for Internet Explorer =

Article ID: 890923

Article Last Modified on 3/23/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Small Business Server 2003 Premium Edition
 * Microsoft Windows Small Business Server 2003 Standard Edition
 * Microsoft Internet Explorer 6.0 Service Pack 1
 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Explorer 5.01 Service Pack 4
 * Microsoft Internet Explorer 5.01 Service Pack 3
 * Microsoft Windows XP Professional
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional x64 Edition
 * Microsoft Windows XP for Itanium-based Systems Version 2003
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional
 * Microsoft Windows XP Service Pack 1
 * Microsoft Windows XP Tablet PC Edition
 * Microsoft Windows XP Tablet PC Edition 2005
 * Microsoft Windows XP Service Pack 2
 * Microsoft Windows XP Media Center Edition 2002
 * Microsoft Windows XP Media Center Edition 2002
 * Microsoft Windows XP Media Center Edition 2004
 * Microsoft Windows XP Media Center Edition 2005
 * Microsoft Windows XP Service Pack 2
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Service Pack 4
 * Microsoft Windows Millennium Edition
 * Microsoft Windows 98 Standard Edition
 * Microsoft Windows 98 Second Edition

-





Microsoft has released security bulletin MS05-020. This security bulletin contains all the relevant information about the security update. The bulletin includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites:  Home users:

http://www.microsoft.com/athome/security/update/bulletins/default.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms05-020.mspx



Notes  Security update 890923 includes the cumulative security fixes that are documented in Microsoft security bulletin MS05-020. The update also includes hotfixes for Microsoft Internet Explorer that have been released after the release of the MS04-004 and MS04-025 security bulletins. The installer verifies whether one or more of the files that are being updated on the computer have previously been updated by a Microsoft hotfix. However, the installer detects only hotfixes that were released after security bulletin MS04-038, update rollup 873377, or update rollup 889669. Therefore, if you have a computer that has update rollup 873377, update rollup 889669, or a hotfix that was released after update rollup 873377, the installer automatically installs the hotfixes together with security update 890923. However, if the computer does not have update rollup 873377, update rollup 889669, or a hotfix that was released after security bulletin MS04-038, and you want to install the hotfixes included in cumulative security update 890923, you must follow the instructions in Microsoft Knowledge Base article 897225. Otherwise, your hotfixes will be removed.

897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1



List of software updates that are included in all the security update 890923 packages

332184 HTTP headers are displayed on the server upload Web page

886184 FIX: You receive an &quot;Access is denied&quot; error message when you open a Web page that runs a script in a frameset in Internet Explorer 6

889407 You receive an &quot;Access is denied&quot; error message when you open a Web page that runs a script in a frameset in Internet Explorer 6

892049 FIX: Internet Explorer 6.0 S892049 does not display the shortcut menu for an ActiveX control in Windows XP Service Pack 2

890207 FIX: The submit action does not execute in an Adobe Acrobat 6.0 PDF file that is hosted in an Internet Explorer 6.0 Service Pack 1 frame window

892052 FIX: Internet Explorer may unexpectedly quit with an error message in module Mshtml.dll when you try to locate a Web page in Windows XP Service Pack 2

884838 You receive a &quot;Microsoft Internet Explorer has encountered a problem and needs to close.&quot; error message when two pop-up windows appear at the same time in Internet Explorer 6 Service Pack 1

890215 Applications that use the WinINet API may not respond to a server as expected when you use Internet Explorer 6

894926 After you install security update 867282 that is included with Security Bulletin MS05-014, Internet Explorer crashes when you copy images from Web sites that use the &lt;input type=image&gt; tag

890327 You receive an error message when you try to upload an HTML document to http://validator.w3.org

Known issues  In Microsoft Windows XP Service Pack 2 and Microsoft Windows Server 2003 Service Pack 1, the Add or Remove Programs item in Control Panel lists software updates. Add or Remove Programs lists software updates under the name of the product that they update. In Windows XP Service Pack 2, Add or Remove Programs will list this update under Windows XP – Software Updates. In Windows XP Service Pack 2, Add or Remove Programs will not show Installed On for this software update. Therefore, this software update does not show up in the order of installation. Instead, this software update shows at the top of the Windows XP – Software Updates list.</li> Microsoft Baseline Security Analyzer (MBSA) is the scanning tool that is used by Microsoft Systems Management Server (SMS). MBSA can detect computers that require the security updates that are documented in Microsoft security bulletin MS05-020. However, MBSA cannot provide SMS with the information that is required to download and to deploy the appropriate MS05-020 security update packages for computers that are running the following software:  Internet Explorer 6 Service Pack 1 for Microsoft Windows NT 4.0</li> Internet Explorer 6 Service Pack 1 for Microsoft Windows 2000</li> Microsoft Windows XP</li></ul>

To resolve this problem, you can download an SMS deployment package from the Microsoft Download Center.

For more information about how to obtain and use the SMS deployment package, click the following article number to view the article in the Microsoft Knowledge Base:

896162 Systems Management Server deployment packages are available that include security update MS05-020 for Internet Explorer 6 Service Pack 1

</li> In some Windows Media High Definition Video (WMV HD) DVDs, a chapter does not play when you click it in Microsoft Windows Media Player after you install this security update.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

884487 A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player

</li></ul>

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbwinnt400presp7fix kbsecbulletin kbwinxppresp2fix kbwin2000presp5fix kbwinserv2003presp1fix kbexpertiseadvanced kbexpertiseinter kbexpertisebeginner kbtocoff kbhotfixserver kbwinserv2003sp2fix KB890923

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.