Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Microsoft Security Bulletin MS07-033 - Critical

Cumulative Security Update for Internet Explorer (933566)

Published: June 12, 2007 | Updated: June 13, 2007

Version: 1.2

General Information

Executive Summary

This critical security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction.

This is a critical security update for supported releases of Internet Explorer 5.01 and Internet Explorer 6, and most supported releases of Internet Explorer 7. For Internet Explorer 7 for supported versions and editions of Windows Server 2003, this update is rated moderate. For more information, see the subsection, Affected and Non-Affected Software, in this section.

This security update addresses two vulnerabilities by setting the kill bit for COM objects and for the rest, by modifying the way that Internet Explorer handles calls, error conditions, and special features such as Language Pack Installation and Speech Control. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.

Known Issues. Microsoft Knowledge Base Article 933566 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.

Affected and Non-Affected Software

The software listed here has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.

Affected Software

Operating SystemComponentMaximum Security ImpactAggregate Severity RatingBulletins Replaced by This Update
Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1
Microsoft Windows 2000 Service Pack 4Microsoft Internet Explorer 5.01 Service Pack 4Remote Code ExecutionCriticalMS07-027
Microsoft Windows 2000 Service Pack 4Microsoft Internet Explorer 6 Service Pack 1Remote Code ExecutionCriticalMS07-027
Internet Explorer 6
Windows XP Service Pack 2Microsoft Internet Explorer 6Remote Code ExecutionCriticalMS07-027
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2Microsoft Internet Explorer 6Remote Code ExecutionCriticalMS07-027
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2Microsoft Internet Explorer 6Remote Code ExecutionCriticalMS07-027
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2Microsoft Internet Explorer 6Remote Code ExecutionCriticalMS07-027
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based SystemsMicrosoft Internet Explorer 6Remote Code ExecutionCriticalMS07-027
Internet Explorer 7
Windows XP Service Pack 2Windows Internet Explorer 7Remote Code ExecutionCriticalMS07-027
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2Windows Internet Explorer 7Remote Code ExecutionCriticalMS07-027
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2Windows Internet Explorer 7Remote Code ExecutionModerateMS07-027
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2Windows Internet Explorer 7Remote Code ExecutionModerateMS07-027
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based SystemsWindows Internet Explorer 7Remote Code ExecutionModerateMS07-027
Windows VistaWindows Internet Explorer 7Remote Code ExecutionCriticalMS07-027
Windows Vista x64 EditionWindows Internet Explorer 7Remote Code ExecutionCriticalMS07-027

What are the known issues that customers may experience when they install this security update? 
Microsoft Knowledge Base Article 933566 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.

Why does this update address several reported security vulnerabilities? 
This update addresses several vulnerabilities because the modifications for these issues are located in related files. Instead of having to install several updates that are almost the same, customers need to install this update only.

Does this update contain any security-related changes that are not Internet Explorer specific? 
Yes. The changes are listed under the specific vulnerability entry, “Speech Control Memory Corruption Vulnerability CVE-2007-2222” in the next section, Vulnerability Information.

I am using an older release of the software discussed in this security bulletin. What should I do? 
The affected software listed in this bulletin have been tested to determine which releases are affected. Other releases are past their support life cycle. To determine the support life cycle for your software release, visit Microsoft Support Lifecycle.

It should be a priority for customers who have older releases of the software to migrate to supported releases to prevent potential exposure to vulnerabilities. For more information about the Windows Product Lifecycle, visit the following Microsoft Support Lifecycle. For more information about the extended security update support period for these software releases, visit the Microsoft Product Support Services Web site.

Customers who require custom support for older software must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager. For more information, see the Windows Operating System Product Support Lifecycle FAQ.

Vulnerability Information

Vulnerability Severity Rating and Maximum Security Impact by Affected Software
Affected SoftwareCOM Object Instantiation Memory Corruption Vulnerability – CVE-2007-0218CSS Tag Memory Corruption Vulnerability – CVE-2007-1750Language Pack Installation Vulnerability – CVE-2007-3027Uninitialized Memory Corruption Vulnerability – CVE-2007-1751Navigation Cancel Page Spoofing Vulnerability – CVE-2007-1499Speech Control Memory Corruption Vulnerability – CVE-2007-2222Aggregate Severity Rating
Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4Critical

Remote Code Execution

NoneCritical

Remote Code Execution

Critical

Remote Code Execution

NoneCritical

Remote Code Execution

Critical
Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

NoneCritical

Remote Code Execution

Critical
Internet Explorer 6
Internet Explorer 6 for Windows XP Service Pack 2Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

NoneCritical

Remote Code Execution

Critical
Internet Explorer 6 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

NoneCritical

Remote Code Execution

Critical
Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2Moderate

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Moderate

Remote Code Execution

NoneModerate

Remote Code Execution

Critical
Internet Explorer 6 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2Moderate

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Moderate

Remote Code Execution

NoneModerate

Remote Code Execution

Critical
Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based SystemsModerate

Remote Code Execution

Critical

Remote Code Execution

Critical

Remote Code Execution

Moderate

Remote Code Execution

NoneModerate

Remote Code Execution

Critical
Internet Explorer 7
Internet Explorer 7 for Windows XP Service Pack 2NoneNoneCritical

Remote Code Execution

Critical

Remote Code Execution

Moderate

Spoofing

Critical

Remote Code Execution

Critical
Internet Explorer 7 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2NoneNoneCritical

Remote Code Execution

Critical

Remote Code Execution

Moderate

Spoofing

Critical

Remote Code Execution

Critical
Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2NoneNoneModerate

Remote Code Execution

Moderate

Remote Code Execution

Moderate

Spoofing

Moderate

Remote Code Execution

Moderate
Internet Explorer 7 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2NoneNoneModerate

Remote Code Execution

Moderate

Remote Code Execution

Moderate

Spoofing

Moderate

Remote Code Execution

Moderate
Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based SystemsNoneNoneModerate

Remote Code Execution

Moderate

Remote Code Execution

Moderate

Spoofing

Low

Remote Code Execution

Moderate
Internet Explorer 7 in Windows VistaNoneNoneNoneCritical

Remote Code Execution

Moderate

Spoofing

Critical

Remote Code Execution

Critical
Internet Explorer 7 in Windows Vista x64 EditionNoneNoneNoneCritical

Remote Code Execution

Moderate

Spoofing

Critical

Remote Code Execution

Critical

A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-0218.

Mitigating Factors for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • By default, all supported releases of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario.
  • By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See the FAQ section of this security bulletin for more information about Internet Explorer Enhanced Security Configuration.
  • Internet Explorer 7 is not affected by this vulnerability.

Workarounds for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Configure Internet Explorer to prompt before running ActiveX Controls or disable ActiveX Controls in the Internet and Local intranet security zone

    You can help protect against this vulnerability by changing your Internet Explorer settings to prompt before running ActiveX controls. To do this, follow these steps:

    1. In Internet Explorer, click Internet Options on the Tools menu.
    2. Click the Security tab.
    3. Click Internet, and then click Custom Level.
    4. Under Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.
    5. Click Local intranet, and then click Custom Level.
    6. Under Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.
    7. Click OK two times to return to Internet Explorer.

    Impact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”.

    Add sites that you trust to the Internet Explorer Trusted sites zone.

    After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.

    To do this, follow these steps:

    1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
    2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
    3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
    4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.
    5. Repeat these steps for each site that you want to add to the zone.
    6. Click OK two times to accept the changes and return to Internet Explorer.

    Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update.

  • Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones

    You can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls and Active Scripting. You can do this by setting your browser security to High.

    To raise the browsing security level in Internet Explorer, follow these steps:

    1. On the Internet Explorer Tools menu, click Internet Options.
    2. In the Internet Options dialog box, click the Security tab, and then click the Internet icon.
    3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High.

    Note If no slider is visible, click Default Level, and then move the slider to High.

    Note Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.

    Impact of Workaround: There are side effects to prompting before running ActiveX controls and Active Scripting. Many Web sites that are on the Internet or on an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls or Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls or Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”.

  • Prevent COM objects from running in Internet Explorer

    You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry.

    Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

    For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps in this article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer.

    Note The Class Identifiers and corresponding files where the COM objects are contained are documented provided in the table below

Class IdentifierFile
{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{79EAC9E4-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{79EAC9E5-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}Urlmon.dll
{3DD53D40-7B8B-11D0-B013-00AA0059CE02}Urlmon.dll

Replace {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} below with the Class Identifiers above.

To set the kill bit for a CLSID with a value of {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension.


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX }]
"Compatibility Flags"=dword:00000400

You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites:

Note You must restart Internet Explorer for your changes to take effect.

Impact of Workaround: There is no impact as long as the COM object is not intended to be used in Internet Explorer.

FAQ for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218

What is the scope of the vulnerability? 
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data.

What causes the vulnerability? 
When Internet Explorer tries to instantiate certain COM objects as ActiveX Controls under certain conditions, the COM objects may corrupt the system state in such a way that an attacker could execute arbitrary code.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability? 
An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability? 
This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability.

I am running Internet Explorer 7. Does this mitigate this vulnerability? 
Yes. Internet Explorer 7 is not affected by this vulnerability.

I am running Internet Explorer for Windows Server 2003. Does this mitigate this vulnerability? 
Yes. By default, Internet Explorer for Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running malicious Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.

What does the update do? 
The update removes the vulnerability by modifying the vulnerable components to better handle the returning of values.

When this security bulletin was issued, had this vulnerability been publicly disclosed? 
No. Microsoft received information about this vulnerability through responsible disclosure.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? 
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

A remote code execution vulnerability exists in Internet Explorer due to improper handling of a CSS tag. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1750.

Mitigating Factors for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail or Instant Messenger message that takes users to the attacker's Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • By default, all supported releases of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps reduce the number of successful attacks that exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario.

    Note It cannot be ruled out that this vulnerability could be used in an exploit without Active Scripting. However, using Active Scripting significantly increases the chances of a successful exploit. As a result, this vulnerability has been given a severity rating of Critical on Windows Server 2003.
  • Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 and Internet Explorer 7 are not affected by this vulnerability.

Workarounds for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Read e-mail messages in plain text format to help protect yourself from the HTML e-mail attack vector

    You can help protect yourself against this vulnerability by changing your e-mail settings to read e-mail messages in plain text using Outlook 2002 and later, Outlook Express 6 and later, or Windows Mail. For information in Outlook, search “plain text” in Help and review “Read messages in plain text.” In Outlook Express, search “plain text” in Help and review “Reducing your risk of getting e-mail viruses.” In Windows Mail, search “plain text” in Help and review “Security and privacy in Windows Mail.”

    Impact of workaround: E-mail messages that are viewed in plain text format will not contain pictures, specialized fonts, animations, or other rich content. Additionally:

    • The changes are applied to the preview pane and to open messages.
    • Pictures become attachments so that they are not lost.
    • Because the message is still in Rich Text or HTML format in the store, the object model (custom code solutions) may behave unexpectedly.

FAQ for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750

What is the scope of the vulnerability? 
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data.

What causes the vulnerability? 
Internet Explorer improperly parses a specially crafted CSS tag. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability?
An attacker could host a specially crafted Web site that is designed to exploit the vulnerability and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability?
This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.

What is CSS? 
CSS or Cascading Style Sheets is a formatting method for Web pages using HTML.

What does the update do?
The update removes the vulnerability by modifying the way that Internet Explorer handles CSS tags.

When this security bulletin was issued, had this vulnerability been publicly disclosed?
No. Microsoft had not received any information to indicate that this vulnerability had been publicly disclosed when this security bulletin was originally issued.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

A remote code execution vulnerability exists in Internet Explorer in the way that it handles language pack installation. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. User interaction, while expected, is required to exploit this vulnerability.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-3027.

Mitigating Factors for Language Pack Installation Vulnerability - CVE-2007-3027

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • User interaction, while expected, is required to exploit this vulnerability.
  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Internet Explorer 7 in Windows Vista and Internet Explorer 7 in Windows Vista x64 Edition are not affected by this vulnerability.

Workarounds for Language Pack Installation Vulnerability - CVE-2007-3027

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Prevent Language Pack Installation

    You can prevent language pack installation in Internet Explorer by setting a registry key.

    Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.


    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International]
    "W2KLpk"=dword:00000000

    You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites:

    Note You must restart Internet Explorer for your changes to take effect.

    Impact of Workaround: No language pack(s) will be installed on demand.

    How to undo the workaround:

    You can enable language pack installation in Internet Explorer by setting a registry key.


    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International]
    "W2KLpk"=dword:00000001

FAQ for Language Pack Installation Vulnerability - CVE-2007-3027

What is the scope of the vulnerability? 
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data.

What causes the vulnerability? 
Internet Explorer may attempt to install multiple language packs in such a way that a race condition may occur. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability?
An attacker could host a specially crafted Web site that is designed to exploit the vulnerability and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability?
This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.

What are language packs on Internet Explorer? 
Typically, a Web page may need to download character sets to display the page properly, or to perform a particular task. For example, if you open a Web page that requires Japanese-text display support (Charset=euc-jp), Internet Explorer automatically prompts you to download the Japanese Language Pack component if it is not already installed.

What does the update do? 
The update removes the vulnerability by ensuring that a race condition does not occur as a result of attempts to start the installation of multiple language packs.

When this security bulletin was issued, had this vulnerability been publicly disclosed? 
No. Microsoft received information about this vulnerability through responsible disclosure.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? 
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has not been correctly initialized or that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1751.

Mitigating Factors for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • The Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing Active Scripting from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to this issue through the Web-based attack scenario.
  • By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See the FAQ section of this security update for more information about Internet Explorer Enhanced Security Configuration.

Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone

    You can help protect against this vulnerability by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, follow these steps:

    1. In Internet Explorer, click Internet Options on the Tools menu.
    2. Click the Security tab.
    3. Click Internet, and then click Custom Level.
    4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
    5. Click Local intranet, and then click Custom Level.
    6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
    7. Click OK two times to return to Internet Explorer.

    Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly.

    Add sites that you trust to the Internet Explorer Trusted sites zone

    After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.

    To do this, follow these steps:

    1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
    2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
    3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
    4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.
    5. Repeat these steps for each site that you want to add to the zone.
    6. Click OK two times to accept the changes and return to Internet Explorer.

    Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update.

    Impact of Workaround: There are side effects to prompting before running Active Scripting. Many Web sites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”.

  • Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones

    You can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls and Active Scripting. You can do this by setting your browser security to High.

    To raise the browsing security level in Internet Explorer, follow these steps:

    1. On the Internet Explorer Tools menu, click Internet Options.
    2. In the Internet Options dialog box, click the Security tab, and then click the Internet icon.
    3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High.

    Note If no slider is visible, click Default Level, and then move the slider to High.

    Note Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.

FAQ for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751

What is the scope of the vulnerability? 
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data.

What causes the vulnerability? 
Internet Explorer attempts to access an object which has not been initialized or has been deleted. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability? 
An attacker could host a specially crafted Web site that is designed to exploit these vulnerabilities through Internet Explorer and then convince a user to visit the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability? 
This vulnerability requires that a user be logged on and visit a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.

I am running Internet Explorer for Windows Server 2003. Does this mitigate this vulnerability? 
Yes. By default, Internet Explorer for Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running malicious Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.

What does the update do? 
The update removes the vulnerability by modifying the way that Internet Explorer handles errors when calls are made to objects that are no longer initialized.

When this security bulletin was issued, had this vulnerability been publicly disclosed? 
No. Microsoft received information about this vulnerability through responsible disclosure.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? 
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

A spoofing vulnerability exists in Internet Explorer that could allow an attacker to display spoofed content in the Navigation canceled page. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1499.

Mitigating Factors for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1499

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • User interaction, while expected, is required to exploit this vulnerability.
  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
  • Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4, Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4, and Internet Explorer 6 are not affected by this vulnerability.

Workarounds for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1499

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone

    You can help protect against this vulnerability by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, follow these steps:

    1. In Internet Explorer, click Internet Options on the Tools menu.
    2. Click the Security tab.
    3. Click Internet, and then click Custom Level.
    4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
    5. Click Local intranet, and then click Custom Level.
    6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
    7. Click OK two times to return to Internet Explorer.

    Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly.

    Impact of workaround: There are side effects to prompting before running Active Scripting. Many Web sites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”.

    Add sites that you trust to the Internet Explorer Trusted sites zone

    After you set Internet Explorer to require a prompt before it runs ActiveX controls or Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.

    To do this, follow these steps:

    1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
    2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
    3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
    4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.
    5. Repeat these steps for each site that you want to add to the zone.
    6. Click OK two times to accept the changes and return to Internet Explorer.

    Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are *.windowsupdate.microsoft.com and *.update.microsoft.com. These are the sites that will host the update, and it requires an ActiveX Control to install the update.

FAQ for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1499

What is the scope of the vulnerability?
This is a spoofing vulnerability in Internet Explorer. The vulnerability could allow an attacker to display spoofed content in a browser window.

What causes the vulnerability? 
Internet Explorer incorrectly allows the modification of the navigation cancel page. As a result, an attacker could modify a URL which is otherwise trusted by a user.

How could an attacker exploit the vulnerability?
An attacker could host a specially crafted Web site, which is designed to exploit the vulnerability, and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability?
This vulnerability requires that a user click on a URL for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability.

What does the update do?
The update removes the vulnerability by modifying the “Navigation to the webpage was canceled” page so no attempt can be made to modify it by script.

When this security bulletin was issued, had this vulnerability been publicly disclosed?
Yes. This vulnerability has been publicly disclosed. It has been assigned Common Vulnerability and Exposure number CVE-2007-1499.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?
No. Microsoft had seen examples of proof of concept code published publicly but had not received any information to indicate that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued.

Does applying this security update help protect customers from the code that has been published publicly that attempts to exploit this vulnerability?
Yes. This security update addresses the vulnerability that potentially could be exploited by using the published proof of concept code. The vulnerability that has been addressed has been assigned the Common Vulnerability and Exposure number CVE-2007-1499.

A remote code execution vulnerability exists in a component of Microsoft Speech API 4. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-2222.

Mitigating Factors for Speech Control Memory Corruption Vulnerability - CVE-2007-2222

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:

  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail or Instant Messenger message that takes users to the attacker's Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Workarounds for Speech Control Memory Corruption Vulnerability - CVE-2007-2222

Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:

  • Prevent COM objects from running in Internet Explorer

    You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry.

    Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

    For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps in this article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer.

    Note The Class Identifiers and corresponding files where the COM objects are contained are documented under “What does the update do?” in the “FAQ for Speech Control Memory Corruption Vulnerability - CVE-2007-2222” section. Replace {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} below with the Class Identifiers found in this section.

    To set the kill bit for a CLSID with a value of {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension.


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX }]
    "Compatibility Flags"=dword:00000400

    You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites:

    Note You must restart Internet Explorer for your changes to take effect.

    Impact of Workaround: There is no impact as long as the object is not intended to be used in Internet Explorer.

FAQ for Speech Control Memory Corruption Vulnerability - CVE-2007-2222

What is the scope of the vulnerability? 
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data.

What causes the vulnerability? 
When the ActiveX object is used in Internet Explorer, the object may corrupt the system state in such a way that an attacker could execute arbitrary code.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability? 
An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

What systems are primarily at risk from the vulnerability? 
This vulnerability requires that a user be logged on and visit a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability.

What is Microsoft Speech? 
Microsoft Speech is a technology for speech-based interaction with Windows-based computers. Microsoft Speech SDKs provide continuous speech recognition and text-to-speech engines, tools, sample source code, and information needed for developing speech-enabled applications for Windows.

What does the update do? 
This update sets the kill bit for a list of Class Identifier (CLSIDs).

The Class Identifies and corresponding files are as follows:

Class IdentifierFile
{4E3D9D1F-0C63-11D1-8BFB-0060081841DE}Xlisten.dll
{EEE78591-FE22-11D0-8BEF-0060081841DE}Xvoice.dll

When this security bulletin was issued, had this vulnerability been publicly disclosed? 
No. Microsoft received information about this vulnerability through responsible disclosure.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? 
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

Update Information

Manage the software and security updates you need to deploy to the servers, desktop, and mobile computers in your organization. For more information see the TechNet Update Management Center. The Microsoft TechNet Security Web site provides additional information about security in Microsoft products.

Security updates are available from Microsoft Update, Windows Update, and Office Update. Security updates are also available at the Microsoft Download Center. You can find them most easily by doing a keyword search for "security_patch." Finally, security updates can be downloaded from the Windows Update Catalog. For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.

Detection and Deployment Guidance

Microsoft has provided detection and deployment guidance for this month’s security updates. This guidance will also help IT professionals understand how they can use various tools to help deploy the security update, such as Windows Update, Microsoft Update, Office Update, the Microsoft Baseline Security Analyzer (MBSA), the Office Detection Tool, Microsoft Systems Management Server (SMS), the Extended Security Update Inventory Tool, and the Enterprise Update Scan Tool (EST). For more information, see Microsoft Knowledge Base Article 910723.

Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) allows administrators to scan local and remote systems for missing security updates as well as common security misconfigurations. For more information about MBSA visit Microsoft Baseline Security Analyzer Web site. The following table provides the MBSA detection summary for this security update.

SoftwareMBSA 1.2.1MBSA 2.0.1
Microsoft Windows 2000 Service Pack 4YesYes
Windows XP Service Pack 2YesYes
Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2NoYes
Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2YesYes
Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2NoYes
Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based SystemsNoYes
Windows VistaNoSee Note for Windows Vista below
Windows Vista x64 EditionNoSee Note for Windows Vista below

Note MBSA 1.2.1 does not support systems with Internet Explorer 7 installed. MBSA 2.0 does support systems with Internet Explorer 7 installed.

Note for Windows Vista Microsoft does not support installing MBSA 2.0.1 on computers that run Windows Vista, but you may install MBSA 2.0.1 on a supported operating system and then scan the Windows Vista-based computer remotely. For additional information about MBSA support for Windows Vista, visit the MBSA Web site. See also Microsoft Knowledge Base Article 931943: Microsoft Baseline Security Analyzer (MBSA) support for Windows Vista.

For more information about MBSA, visit the MBSA Web site. For more information about the software that Microsoft Update and MBSA 2.0 currently do not detect, see Microsoft Knowledge Base Article 895660.

Windows Server Update Services

By using Windows Server Update Services (WSUS), administrators can deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and later, Exchange Server 2003, and SQL Server 2000 to Windows 2000 and later operating systems. For more information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site.

Systems Management Server

The following table provides the SMS detection and deployment summary for this security update.

SoftwareSMS 2.0SMS 2003
Microsoft Windows 2000 Service Pack 4YesYes
Windows XP Service Pack 2YesYes
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2NoYes
Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2YesYes
Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2NoYes
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based SystemsNoYes
Windows VistaNoSee Note for Windows Vista below
Windows Vista x64 EditionNoSee Note for Windows Vista below

SMS 2.0 and SMS 2003 Software Update Services (SUS) Feature Pack can use MBSA 1.2.1 for detection and therefore have the same limitation that is listed earlier in this bulletin related to programs that MBSA 1.2.1 does not detect.

For SMS 2.0, the SMS SUS Feature Pack, which includes the Security Update Inventory Tool (SUIT), can be used by SMS to detect security updates. SMS SUIT uses the MBSA 1.2.1 engine for detection. For more information about SUIT, visit the following Microsoft Web site. For more information about the limitations of SUIT, see Microsoft Knowledge Base Article 306460. The SMS SUS Feature Pack also includes the Microsoft Office Inventory Tool to detect required updates for Microsoft Office applications.

For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered by Microsoft Update and that are supported by Windows Server Update Services. For more information about the SMS 2003 ITMU, visit the following Microsoft Web site. SMS 2003 can also use the Microsoft Office Inventory Tool to detect required updates for Microsoft Office applications.

Note for Windows Vista  Microsoft Systems Management Server 2003 with Service Pack 3 includes support for Windows Vista manageability.

For more information about SMS, visit the SMS Web site.

Affected Software

For information about the specific security update for your affected software, click the appropriate link:

Windows 2000 (all editions)

Reference Table

The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section.

Inclusion in Future Service PacksThe update for this issue may be included in a future update rollup
Deployment
Installing without user interventionInternet Explorer 5.01 Service Pack 4:
IE5.01sp4-KB933566-Windows2000sp4-x86-enu /quiet
Internet Explorer 6 Service Pack 1:
IE6.0sp1-KB933566-Windows2000-x86-enu /quiet
Installing without restartingInternet Explorer 5.01 Service Pack 4:
IE5.01sp4-KB933566-Windows2000sp4-x86-enu /norestart
Internet Explorer 6 Service Pack 1:
IE6.0sp1-KB933566-Windows2000-x86-enu /norestart
Update log fileInternet Explorer 5.01 Service Pack 4:
KB933566-IE501SP4-20070530.120000.log
Internet Explorer 6 Service Pack 1:
KB933566-IE6SP1-20070423.120000.log
Further informationSee the subsection, Detection and Deployment Tools and Guidance
Restart Requirement
Restart requiredYes, you must restart your system after you apply this security update
HotpatchingNot applicable
Removal InformationInternet Explorer 5.01 Service Pack 4:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566-IE501SP4-20070530.120000$\Spuninst folder
Internet Explorer 6 Service Pack 1:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566-IE6SP1-20070423.120000$\Spuninst folder
File InformationSee the subsection, File Information, in this section for the full file manifest
Registry Key VerificationFor Internet Explorer 5.01 Service Pack 4 on all supported editions of Microsoft Windows 2000 Service Pack 4:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Internet Explorer 5.01\SP4\KB933566-IE501SP4-20070530.120000\Filelist
For Internet Explorer 6 Service Pack 1 when installed on all supported editions of Microsoft Windows 2000 Service Pack 4:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Internet Explorer 6\SP1\KB933566-IE6SP1-20070417.120000\Filelist

File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

For Internet Explorer 5.01 Service Pack 4 on all supported editions of Windows 2000:

File NameVersionDateTimeSize
Browseui.dll5.0.3852.230023-Apr-200716:11792,848
Danim.dll6.1.9.72911-Apr-200719:151,134,352
Iepeers.dll5.0.3852.230023-Apr-200717:24100,112
Inseng.dll5.0.3852.230023-Apr-200716:1574,000
Jsproxy.dll5.0.3852.230023-Apr-200716:1513,584
Mshtml.dll5.0.3853.300030-May-200719:282,303,760
Msrating.dll5.0.3852.230023-Apr-200716:13149,776
Pngfilt.dll5.0.3852.230023-Apr-200717:2448,912
Shdocvw.dll5.0.3852.230023-Apr-200716:111,104,656
Shlwapi.dll5.0.3900.713212-Apr-200722:56284,432
Url.dll5.50.4976.120012-Apr-200721:2884,240
Urlmon.dll5.0.3852.230023-Apr-200716:15425,232
Wininet.dll5.0.3852.230023-Apr-200716:15451,344

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 6 Service Pack 1 when installed on all supported editions of Windows 2000:

File NameVersionDateTimeSizeFolder
Browseui.dll6.0.2800.190913-Apr-200717:081,017,856RTMGDR
Cdfview.dll6.0.2800.190913-Apr-200717:09143,360RTMGDR
Danim.dll6.3.1.14820-Feb-200709:481,054,208RTMGDR
Dxtmsft.dll6.3.2800.159513-Apr-200716:56351,744RTMGDR
Dxtrans.dll6.3.2800.159513-Apr-200716:56192,512RTMGDR
Iepeers.dll6.0.2800.159513-Apr-200716:56236,032RTMGDR
Inseng.dll6.0.2800.159513-Apr-200716:5669,632RTMGDR
Jsproxy.dll6.0.2800.159513-Apr-200716:5712,288RTMGDR
Mshtml.dll6.0.2800.159516-Apr-200719:252,704,896RTMGDR
Msrating.dll6.0.2800.190913-Apr-200717:10132,096RTMGDR
Mstime.dll6.0.2800.159513-Apr-200716:56498,176RTMGDR
Pngfilt.dll6.0.2800.159513-Apr-200716:5634,816RTMGDR
Shdocvw.dll6.0.2800.190913-Apr-200717:081,340,416RTMGDR
Shlwapi.dll6.0.2800.190913-Apr-200717:08402,944RTMGDR
Urlmon.dll6.0.2800.159513-Apr-200716:57462,336RTMGDR
Wininet.dll6.0.2800.159513-Apr-200716:58575,488RTMGDR
Browseui.dll6.0.2800.190913-Apr-200717:081,017,856RTMQFE
Cdfview.dll6.0.2800.190913-Apr-200717:09143,360RTMQFE
Danim.dll6.3.1.14820-Feb-200709:481,054,208RTMQFE
Dxtmsft.dll6.3.2800.159613-Apr-200716:54351,744RTMQFE
Dxtrans.dll6.3.2800.159613-Apr-200716:54192,512RTMQFE
Iepeers.dll6.0.2800.159613-Apr-200716:54236,544RTMQFE
Inseng.dll6.0.2800.159613-Apr-200716:5469,632RTMQFE
Jsproxy.dll6.0.2800.159613-Apr-200716:5512,288RTMQFE
Mshtml.dll6.0.2800.159616-Apr-200719:222,712,576RTMQFE
Msrating.dll6.0.2800.190913-Apr-200717:10132,096RTMQFE
Mstime.dll6.0.2800.159613-Apr-200716:54498,176RTMQFE
Pngfilt.dll6.0.2800.159613-Apr-200716:5438,912RTMQFE
Shdocvw.dll6.0.2800.190913-Apr-200717:081,340,416RTMQFE
Shlwapi.dll6.0.2800.190913-Apr-200717:08402,944RTMQFE
Urlmon.dll6.0.2800.159613-Apr-200716:55464,384RTMQFE
Wininet.dll6.0.2800.159613-Apr-200716:56587,776RTMQFE

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

Deployment Information

Installing the Update

When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the installer, visit the Microsoft TechNet Web site.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

This security update supports the following setup switches.

Supported Security Update Installation Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/overwriteoemOverwrites OEM files without prompting
/nobackupDoes not back up files needed for uninstall
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files
/extract[:path]Extracts files without starting the Setup program
/EREnables extended error reporting
/verboseEnables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly.

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Removing the Update

This security update supports the following setup switches.

Supported Spuninst.exe Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files

Verifying That the Update Has Been Applied

  • Microsoft Baseline Security Analyzer

    To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

  • File Version Verification

    Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps.

    1. Click Start, and then click Search.
    2. In the Search Results pane, click All files and folders under Search Companion.
    3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.
    4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

      Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed.
    5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table.

      Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.
  • Registry Key Verification

    You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section.

    These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files.

Windows XP (all editions)

Reference Table

The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section.

Inclusion in Future Service PacksThe update for this issue will be included in a future service pack or update rollup
Deployment
Installing without user interventionInternet Explorer 6 for Windows XP Service Pack 2:
Windowsxp-kb933566-x86-enu /quiet
Internet Explorer 7 for Windows XP Service Pack 2:
IE7-KB933566-WindowsXP-x86-enu /quiet
Installing without restartingInternet Explorer 6 for Windows XP Service Pack 2:
Windowsxp-kb933566-x86-enu /norestart
Internet Explorer 7 for Windows XP Service Pack 2:
IE7-KB933566-WindowsXP-x86-enu /norestart
Update log fileInternet Explorer 6 for Windows XP Service Pack 2:
KB933566.log
Internet Explorer 7 for Windows XP Service Pack 2:
KB933566-IE7.log
Further informationSee the subsection, Detection and Deployment Tools and Guidance
Restart Requirement
Restart requiredYes, you must restart your system after you apply this security update
HotpatchingNot applicable
Removal InformationInternet Explorer 6 for Windows XP:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566$\Spuninst folder
Internet Explorer 7 for Windows XP:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\ie7updates\KB933566-IE7\spuninst folder
File InformationSee the subsection, File Information, in this section for the full file manifest
Registry Key VerificationInternet Explorer 6 for all supported 32-bit editions of Windows XP:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB933566\Filelist
Internet Explorer 6 for all supported x64 editions of Windows XP:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP Version 2003\SP2\KB933566\Filelist
Internet Explorer 7 for all supported 32-bit editions of Windows XP:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB933566-IE7\Filelist
Internet Explorer 7 for all supported x64 editions of Windows XP:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP Version 2003\SP0\KB933566-IE7\Filelist

File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

For Internet Explorer 6 for all supported 32-bit editions of Windows XP:

File NameVersionDateTimeSizeFolder
Browseui.dll6.0.2900.312118-Apr-200712:311,023,488SP2GDR
Cdfview.dll6.0.2900.312118-Apr-200712:31151,040SP2GDR
Danim.dll6.3.1.14818-Apr-200712:311,054,208SP2GDR
Dxtmsft.dll6.3.2900.312118-Apr-200712:31357,888SP2GDR
Dxtrans.dll6.3.2900.312118-Apr-200712:31205,312SP2GDR
Extmgr.dll6.0.2900.312118-Apr-200712:3155,808SP2GDR
Iedw.exe5.1.2600.312118-Apr-200710:2218,432SP2GDR
Iepeers.dll6.0.2900.312118-Apr-200712:31251,392SP2GDR
Inseng.dll6.0.2900.312118-Apr-200712:3196,256SP2GDR
Jsproxy.dll6.0.2900.312118-Apr-200712:3116,384SP2GDR
Mshtml.dll6.0.2900.313204-May-200712:293,058,688SP2GDR
Mshtmled.dll6.0.2900.312118-Apr-200712:31449,024SP2GDR
Msrating.dll6.0.2900.312118-Apr-200712:31146,432SP2GDR
Mstime.dll6.0.2900.312118-Apr-200712:31532,480SP2GDR
Pngfilt.dll6.0.2900.312118-Apr-200712:3139,424SP2GDR
Shdocvw.dll6.0.2900.312118-Apr-200712:311,494,528SP2GDR
Shlwapi.dll6.0.2900.312118-Apr-200712:31474,112SP2GDR
Urlmon.dll6.0.2900.312118-Apr-200712:31615,424SP2GDR
Wininet.dll6.0.2900.312118-Apr-200712:31658,944SP2GDR
Xpsp3res.dll5.1.2600.312118-Apr-200709:51115,200SP2GDR
Browseui.dll6.0.2900.312118-Apr-200712:461,022,976SP2QFE
Cdfview.dll6.0.2900.312118-Apr-200712:46151,040SP2QFE
Danim.dll6.3.1.14818-Apr-200712:461,054,208SP2QFE
Dxtmsft.dll6.3.2900.312118-Apr-200712:46357,888SP2QFE
Dxtrans.dll6.3.2900.312118-Apr-200712:46205,312SP2QFE
Extmgr.dll6.0.2900.312118-Apr-200712:4655,808SP2QFE
Iedw.exe5.1.2600.312118-Apr-200710:4218,432SP2QFE
Iepeers.dll6.0.2900.312118-Apr-200712:46251,904SP2QFE
Inseng.dll6.0.2900.312118-Apr-200712:4696,256SP2QFE
Jsproxy.dll6.0.2900.312118-Apr-200712:4616,384SP2QFE
Mshtml.dll6.0.2900.313204-May-200712:593,064,320SP2QFE
Mshtmled.dll6.0.2900.312118-Apr-200712:46449,024SP2QFE
Msrating.dll6.0.2900.312118-Apr-200712:46146,432SP2QFE
Mstime.dll6.0.2900.312118-Apr-200712:46532,480SP2QFE
Pngfilt.dll6.0.2900.312118-Apr-200712:4639,424SP2QFE
Shdocvw.dll6.0.2900.312118-Apr-200712:461,498,112SP2QFE
Shlwapi.dll6.0.2900.312118-Apr-200712:46474,112SP2QFE
Urlmon.dll6.0.2900.312118-Apr-200712:46616,960SP2QFE
Wininet.dll6.0.2900.312118-Apr-200712:46665,600SP2QFE
Xpsp3res.dll5.1.2600.312118-Apr-200710:07248,320SP2QFE

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 for all supported 32-bit editions of Windows XP:

File NameVersionDateTimeSize
Advpack.dll7.0.6000.1647325-Apr-200708:41124,928
Extmgr.dll7.0.6000.1647325-Apr-200708:41132,608
Ie4uinit.exe7.0.6000.1647324-Apr-200714:2656,832
Ieakeng.dll7.0.6000.1647325-Apr-200708:41153,088
Ieaksie.dll7.0.6000.1647325-Apr-200708:41230,400
Ieakui.dll7.0.6000.1647324-Apr-200707:30161,792
Ieapfltr.dat7.0.6011.017-Apr-200709:282,455,488
Ieapfltr.dll7.0.6000.1646125-Apr-200708:41383,488
Iedkcs32.dll17.0.6000.1647325-Apr-200708:41384,512
Ieframe.dll7.0.6000.1647325-Apr-200708:416,058,496
Ieframe.dll.mui7.0.6000.1641409-Feb-200713:26991,232
Iernonce.dll7.0.6000.1647325-Apr-200708:4144,544
Iertutil.dll7.0.6000.1647325-Apr-200708:41267,776
Ieudinit.exe7.0.6000.1647324-Apr-200714:2613,824
Iexplore.exe7.0.6000.1647324-Apr-200714:26625,152
Inetcpl.cpl7.0.6000.1647325-Apr-200708:411,824,768
Jsproxy.dll7.0.6000.1647325-Apr-200708:4127,648
Msfeeds.dll7.0.6000.1647325-Apr-200708:41459,264
Msfeedsbs.dll7.0.6000.1647325-Apr-200708:4152,224
Mshtml.dll7.0.6000.1648108-May-200709:243,583,488
Mshtmled.dll7.0.6000.1647325-Apr-200708:41477,696
Msrating.dll7.0.6000.1647325-Apr-200708:41193,024
Mstime.dll7.0.6000.1647325-Apr-200708:41670,720
Occache.dll7.0.6000.1647325-Apr-200708:41102,400
Url.dll7.0.6000.1647325-Apr-200708:41105,984
Urlmon.dll7.0.6000.1647325-Apr-200708:411,152,000
Webcheck.dll7.0.6000.1647325-Apr-200708:41232,960
Wininet.dll7.0.6000.1647325-Apr-200708:41822,784
Advpack.dll7.0.6000.2058325-Apr-200709:08124,928
Extmgr.dll7.0.6000.2058325-Apr-200709:08132,608
Ie4uinit.exe7.0.6000.2058324-Apr-200714:2056,832
Ieakeng.dll7.0.6000.2058325-Apr-200709:08153,088
Ieaksie.dll7.0.6000.2058325-Apr-200709:08230,400
Ieakui.dll7.0.6000.2058324-Apr-200708:45161,792
Ieapfltr.dat7.0.6011.017-Apr-200709:282,455,488
Ieapfltr.dll7.0.6000.1646125-Apr-200709:08383,488
Iedkcs32.dll17.0.6000.2058325-Apr-200709:08384,512
Ieframe.dll7.0.6000.2058325-Apr-200709:086,059,008
Ieframe.dll.mui7.0.6000.1641409-Feb-200713:26991,232
Iernonce.dll7.0.6000.2058325-Apr-200709:0844,544
Iertutil.dll7.0.6000.2058325-Apr-200709:08267,776
Ieudinit.exe7.0.6000.2058324-Apr-200714:2013,824
Iexplore.exe7.0.6000.2058324-Apr-200714:20625,152
Inetcpl.cpl7.0.6000.2058325-Apr-200709:081,824,256
Jsproxy.dll7.0.6000.2058325-Apr-200709:0827,648
Msfeeds.dll7.0.6000.2058325-Apr-200709:08459,264
Msfeedsbs.dll7.0.6000.2058325-Apr-200709:0852,224
Mshtml.dll7.0.6000.2059108-May-200709:253,584,000
Mshtmled.dll7.0.6000.2058325-Apr-200709:08477,696
Msrating.dll7.0.6000.2058325-Apr-200709:08193,024
Mstime.dll7.0.6000.2058325-Apr-200709:08670,720
Occache.dll7.0.6000.2058325-Apr-200709:08102,400
Url.dll7.0.6000.2058325-Apr-200709:08105,984
Urlmon.dll7.0.6000.2058325-Apr-200709:081,153,536
Webcheck.dll7.0.6000.2058325-Apr-200709:08232,960
Wininet.dll7.0.6000.2058325-Apr-200709:08823,808

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 6 for all supported x64 editions of Windows XP:

File NameVersionDateTimeSizeCPUFolder
Browseui.dll6.0.3790.292003-May-200720:211,605,120x64SP1GDR
Danim.dll6.3.1.14803-May-200720:221,989,120x64SP1GDR
Dxtmsft.dll6.3.3790.292003-May-200720:22561,664x64SP1GDR
Dxtrans.dll6.3.3790.292003-May-200720:22332,288x64SP1GDR
Iepeers.dll6.0.3790.292003-May-200720:22369,664x64SP1GDR
Jsproxy.dll6.0.3790.292003-May-200720:2224,064x64SP1GDR
Mshtml.dll6.0.3790.292003-May-200720:225,997,568x64SP1GDR
Mstime.dll6.0.3790.292003-May-200720:22900,608x64SP1GDR
Pngfilt.dll5.2.3790.292003-May-200720:2264,000x64SP1GDR
Shdocvw.dll6.0.3790.292003-May-200720:222,438,144x64SP1GDR
Shlwapi.dll6.0.3790.292003-May-200720:22621,568x64SP1GDR
Urlmon.dll6.0.3790.292003-May-200720:221,085,440x64SP1GDR
W03a2409.dll5.2.3790.292003-May-200720:224,608x64SP1GDR
Wininet.dll6.0.3790.292003-May-200720:221,187,840x64SP1GDR
Wbrowseui.dll6.0.3790.292003-May-200720:221,036,800x86SP1GDR\WOW
Wdanim.dll6.3.1.14803-May-200720:221,058,304x86SP1GDR\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:22363,008x86SP1GDR\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:22212,480x86SP1GDR\WOW
Wiedw.exe5.2.3790.292003-May-200720:2217,920x86SP1GDR\WOW
Wiepeers.dll6.0.3790.292003-May-200720:22253,952x86SP1GDR\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:2216,384x86SP1GDR\WOW
Wmshtml.dll6.0.3790.292003-May-200720:223,155,968x86SP1GDR\WOW
Wmstime.dll6.0.3790.292003-May-200720:22537,088x86SP1GDR\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:2242,496x86SP1GDR\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:221,515,008x86SP1GDR\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:22321,536x86SP1GDR\WOW
Wurlmon.dll6.0.3790.292003-May-200720:22697,344x86SP1GDR\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:224,096x86SP1GDR\WOW
Wwininet.dll6.0.3790.292003-May-200720:22662,528x86SP1GDR\WOW
Browseui.dll6.0.3790.292003-May-200720:211,605,120x64SP1QFE
Danim.dll6.3.1.14803-May-200720:211,989,120x64SP1QFE
Dxtmsft.dll6.3.3790.292003-May-200720:21561,664x64SP1QFE
Dxtrans.dll6.3.3790.292003-May-200720:21332,288x64SP1QFE
Iepeers.dll6.0.3790.292003-May-200720:21370,176x64SP1QFE
Jsproxy.dll6.0.3790.292003-May-200720:2124,064x64SP1QFE
Mshtml.dll6.0.3790.292003-May-200720:216,001,664x64SP1QFE
Mstime.dll6.0.3790.292003-May-200720:22900,608x64SP1QFE
Pngfilt.dll5.2.3790.292003-May-200720:2264,000x64SP1QFE
Shdocvw.dll6.0.3790.292003-May-200720:222,438,656x64SP1QFE
Shlwapi.dll6.0.3790.292003-May-200720:22621,568x64SP1QFE
Urlmon.dll6.0.3790.292003-May-200720:221,085,440x64SP1QFE
W03a2409.dll5.2.3790.292003-May-200720:2228,160x64SP1QFE
Wininet.dll6.0.3790.292003-May-200720:221,189,888x64SP1QFE
Wbrowseui.dll6.0.3790.292003-May-200720:221,036,800x86SP1QFE\WOW
Wdanim.dll6.3.1.14803-May-200720:221,058,304x86SP1QFE\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:22363,008x86SP1QFE\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:22212,480x86SP1QFE\WOW
Wiedw.exe5.2.3790.292003-May-200720:2217,920x86SP1QFE\WOW
Wiepeers.dll6.0.3790.292003-May-200720:22253,952x86SP1QFE\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:2216,384x86SP1QFE\WOW
Wmshtml.dll6.0.3790.292003-May-200720:223,158,528x86SP1QFE\WOW
Wmstime.dll6.0.3790.292003-May-200720:22537,088x86SP1QFE\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:2242,496x86SP1QFE\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:221,515,520x86SP1QFE\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:22321,536x86SP1QFE\WOW
Wurlmon.dll6.0.3790.292003-May-200720:22697,344x86SP1QFE\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:2227,648x86SP1QFE\WOW
Wwininet.dll6.0.3790.292003-May-200720:22666,112x86SP1QFE\WOW
Mshtml.dll6.0.3790.406403-May-200720:455,998,592x64SP2GDR
Shdocvw.dll6.0.3790.406403-May-200720:462,438,144x64SP2GDR
Urlmon.dll6.0.3790.407303-May-200720:461,088,000x64SP2GDR
Wmshtml.dll6.0.3790.406403-May-200720:463,131,904x86SP2GDR\WOW
Wshdocvw.dll6.0.3790.406403-May-200720:461,508,352x86SP2GDR\WOW
Wurlmon.dll6.0.3790.407303-May-200720:46697,856x86SP2GDR\WOW
Mshtml.dll6.0.3790.406404-May-200705:556,000,128x64SP2QFE
Shdocvw.dll6.0.3790.406404-May-200705:552,438,656x64SP2QFE
Urlmon.dll6.0.3790.407304-May-200705:551,088,000x64SP2QFE
Wmshtml.dll6.0.3790.406404-May-200705:553,132,416x86SP2QFE\WOW
Wshdocvw.dll6.0.3790.406404-May-200705:551,508,352x86SP2QFE\WOW
Wurlmon.dll6.0.3790.407304-May-200705:55697,856x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 for all supported x64 editions of Windows XP:

File NameVersionDateTimeSizeCPUFolder
Advpack.dll7.0.6000.1647307-May-200723:27161,280x64SP2GDR
Extmgr.dll7.0.6000.1647307-May-200723:27188,416x64SP2GDR
Ie4uinit.exe7.0.6000.1647307-May-200723:2768,608x64SP2GDR
Ieakeng.dll7.0.6000.1647307-May-200723:27196,096x64SP2GDR
Ieaksie.dll7.0.6000.1647307-May-200723:27267,776x64SP2GDR
Ieakui.dll7.0.6000.1647307-May-200723:27161,792x64SP2GDR
Ieapfltr.dat7.0.6011.007-May-200723:272,455,488x64SP2GDR
Ieapfltr.dll7.0.6000.1646107-May-200723:27424,448x64SP2GDR
Iedkcs32.dll17.0.6000.1647307-May-200723:27468,480x64SP2GDR
Ieframe.dll7.0.6000.1647307-May-200723:287,058,944x64SP2GDR
Ieframe.dll.mui7.0.6000.1641407-May-200723:28983,552x64SP2GDR
Iernonce.dll7.0.6000.1647307-May-200723:2857,344x64SP2GDR
Iertutil.dll7.0.6000.1647307-May-200723:28355,840x64SP2GDR
Ieudinit.exe7.0.6000.1647307-May-200723:2813,824x64SP2GDR
Iexplore.exe7.0.6000.1647307-May-200723:28679,424x64SP2GDR
Inetcpl.cpl7.0.6000.1647307-May-200723:282,025,472x64SP2GDR
Jsproxy.dll7.0.6000.1647307-May-200723:2832,256x64SP2GDR
Msfeeds.dll7.0.6000.1647307-May-200723:28553,984x64SP2GDR
Msfeedsbs.dll7.0.6000.1647307-May-200723:2875,264x64SP2GDR
Mshtml.dll7.0.6000.1648107-May-200723:285,668,352x64SP2GDR
Mshtmled.dll7.0.6000.1647307-May-200723:28758,784x64SP2GDR
Msrating.dll7.0.6000.1647307-May-200723:29242,176x64SP2GDR
Mstime.dll7.0.6000.1647307-May-200723:291,129,472x64SP2GDR
Occache.dll7.0.6000.1647307-May-200723:29151,040x64SP2GDR
Url.dll7.0.6000.1647307-May-200723:29108,544x64SP2GDR
Urlmon.dll7.0.6000.1647307-May-200723:291,418,752x64SP2GDR
Webcheck.dll7.0.6000.1647307-May-200723:29295,424x64SP2GDR
Wininet.dll7.0.6000.1647307-May-200723:291,019,392x64SP2GDR
Wadvpack.dll7.0.6000.1647307-May-200723:31124,928x86SP2GDR\WOW
Wextmgr.dll7.0.6000.1647307-May-200723:31132,608x86SP2GDR\WOW
Wie4uinit.exe7.0.6000.1647307-May-200723:3156,832x86SP2GDR\WOW
Wieakeng.dll7.0.6000.1647307-May-200723:31153,088x86SP2GDR\WOW
Wieaksie.dll7.0.6000.1647307-May-200723:31230,400x86SP2GDR\WOW
Wieakui.dll7.0.6000.1647307-May-200723:31161,792x86SP2GDR\WOW
Wieapfltr.dat7.0.6011.007-May-200723:312,455,488x64SP2GDR\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:31383,488x86SP2GDR\WOW
Wiedkcs32.dll17.0.6000.1647307-May-200723:31384,512x86SP2GDR\WOW
Wieframe.dll7.0.6000.1647307-May-200723:316,058,496x86SP2GDR\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:31991,232x64SP2GDR\WOW
Wiernonce.dll7.0.6000.1647307-May-200723:3144,544x86SP2GDR\WOW
Wiertutil.dll7.0.6000.1647307-May-200723:31267,776x86SP2GDR\WOW
Wieudinit.exe7.0.6000.1647307-May-200723:3113,824x86SP2GDR\WOW
Wiexplore.exe7.0.6000.1647307-May-200723:31625,152x86SP2GDR\WOW
Winetcpl.cpl7.0.6000.1647307-May-200723:311,824,768x64SP2GDR\WOW
Wjsproxy.dll7.0.6000.1647307-May-200723:3127,648x86SP2GDR\WOW
Wmsfeeds.dll7.0.6000.1647307-May-200723:31459,264x86SP2GDR\WOW
Wmsfeedsbs.dll7.0.6000.1647307-May-200723:3152,224x86SP2GDR\WOW
Wmshtml.dll7.0.6000.1648107-May-200723:313,583,488x86SP2GDR\WOW
Wmshtmled.dll7.0.6000.1647307-May-200723:31477,696x86SP2GDR\WOW
Wmsrating.dll7.0.6000.1647307-May-200723:31193,024x86SP2GDR\WOW
Wmstime.dll7.0.6000.1647307-May-200723:31670,720x86SP2GDR\WOW
Woccache.dll7.0.6000.1647307-May-200723:31102,400x86SP2GDR\WOW
Wurl.dll7.0.6000.1647307-May-200723:31105,984x86SP2GDR\WOW
Wurlmon.dll7.0.6000.1647307-May-200723:311,152,000x86SP2GDR\WOW
Wwebcheck.dll7.0.6000.1647307-May-200723:31232,960x86SP2GDR\WOW
Wwininet.dll7.0.6000.1647307-May-200723:31822,784x86SP2GDR\WOW
Advpack.dll7.0.6000.2058307-May-200723:06161,280x64SP2QFE
Extmgr.dll7.0.6000.2058307-May-200723:06188,416x64SP2QFE
Ie4uinit.exe7.0.6000.2058307-May-200723:0668,608x64SP2QFE
Ieakeng.dll7.0.6000.2058307-May-200723:06195,584x64SP2QFE
Ieaksie.dll7.0.6000.2058307-May-200723:06267,264x64SP2QFE
Ieakui.dll7.0.6000.2058307-May-200723:06161,792x64SP2QFE
Ieapfltr.dat7.0.6011.007-May-200723:062,455,488x64SP2QFE
Ieapfltr.dll7.0.6000.1646107-May-200723:06424,448x64SP2QFE
Iedkcs32.dll17.0.6000.2058307-May-200723:06468,480x64SP2QFE
Ieframe.dll7.0.6000.2058307-May-200723:067,059,968x64SP2QFE
Ieframe.dll.mui7.0.6000.1641407-May-200723:07983,552x64SP2QFE
Iernonce.dll7.0.6000.2058307-May-200723:0757,344x64SP2QFE
Iertutil.dll7.0.6000.2058307-May-200723:07355,840x64SP2QFE
Ieudinit.exe7.0.6000.2058307-May-200723:0713,824x64SP2QFE
Iexplore.exe7.0.6000.2058307-May-200723:07679,424x64SP2QFE
Inetcpl.cpl7.0.6000.2058307-May-200723:072,025,472x64SP2QFE
Jsproxy.dll7.0.6000.2058307-May-200723:0732,256x64SP2QFE
Msfeeds.dll7.0.6000.2058307-May-200723:07553,984x64SP2QFE
Msfeedsbs.dll7.0.6000.2058307-May-200723:0775,264x64SP2QFE
Mshtml.dll7.0.6000.2059107-May-200723:075,669,888x64SP2QFE
Mshtmled.dll7.0.6000.2058307-May-200723:08758,784x64SP2QFE
Msrating.dll7.0.6000.2058307-May-200723:08242,176x64SP2QFE
Mstime.dll7.0.6000.2058307-May-200723:081,129,472x64SP2QFE
Occache.dll7.0.6000.2058307-May-200723:08151,040x64SP2QFE
Url.dll7.0.6000.2058307-May-200723:08108,544x64SP2QFE
Urlmon.dll7.0.6000.2058307-May-200723:091,420,800x64SP2QFE
Webcheck.dll7.0.6000.2058307-May-200723:09295,424x64SP2QFE
Wininet.dll7.0.6000.2058307-May-200723:091,020,928x64SP2QFE
Wadvpack.dll7.0.6000.2058307-May-200723:13124,928x86SP2QFE\WOW
Wextmgr.dll7.0.6000.2058307-May-200723:13132,608x86SP2QFE\WOW
Wie4uinit.exe7.0.6000.2058307-May-200723:1356,832x86SP2QFE\WOW
Wieakeng.dll7.0.6000.2058307-May-200723:13153,088x86SP2QFE\WOW
Wieaksie.dll7.0.6000.2058307-May-200723:13230,400x86SP2QFE\WOW
Wieakui.dll7.0.6000.2058307-May-200723:13161,792x86SP2QFE\WOW
Wieapfltr.dat7.0.6011.007-May-200723:132,455,488x64SP2QFE\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:13383,488x86SP2QFE\WOW
Wiedkcs32.dll17.0.6000.2058307-May-200723:13384,512x86SP2QFE\WOW
Wieframe.dll7.0.6000.2058307-May-200723:136,059,008x86SP2QFE\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:13991,232x64SP2QFE\WOW
Wiernonce.dll7.0.6000.2058307-May-200723:1344,544x86SP2QFE\WOW
Wiertutil.dll7.0.6000.2058307-May-200723:13267,776x86SP2QFE\WOW
Wieudinit.exe7.0.6000.2058307-May-200723:1313,824x86SP2QFE\WOW
Wiexplore.exe7.0.6000.2058307-May-200723:13625,152x86SP2QFE\WOW
Winetcpl.cpl7.0.6000.2058307-May-200723:131,824,256x64SP2QFE\WOW
Wjsproxy.dll7.0.6000.2058307-May-200723:1327,648x86SP2QFE\WOW
Wmsfeeds.dll7.0.6000.2058307-May-200723:13459,264x86SP2QFE\WOW
Wmsfeedsbs.dll7.0.6000.2058307-May-200723:1352,224x86SP2QFE\WOW
Wmshtml.dll7.0.6000.2059107-May-200723:133,584,000x86SP2QFE\WOW
Wmshtmled.dll7.0.6000.2058307-May-200723:13477,696x86SP2QFE\WOW
Wmsrating.dll7.0.6000.2058307-May-200723:13193,024x86SP2QFE\WOW
Wmstime.dll7.0.6000.2058307-May-200723:13670,720x86SP2QFE\WOW
Woccache.dll7.0.6000.2058307-May-200723:13102,400x86SP2QFE\WOW
Wurl.dll7.0.6000.2058307-May-200723:13105,984x86SP2QFE\WOW
Wurlmon.dll7.0.6000.2058307-May-200723:131,153,536x86SP2QFE\WOW
Wwebcheck.dll7.0.6000.2058307-May-200723:13232,960x86SP2QFE\WOW
Wwininet.dll7.0.6000.2058307-May-200723:13823,808x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

Deployment Information

Installing the Update

When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the installer, visit the Microsoft TechNet Web site.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

This security update supports the following setup switches.

Supported Security Update Installation Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/overwriteoemOverwrites OEM files without prompting
/nobackupDoes not back up files needed for uninstall
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files
/integrate:pathIntegrates the update into the Windows source files. These files are located at the path that is specified in the switch.
/extract[:path]Extracts files without starting the Setup program
/EREnables extended error reporting
/verboseEnables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly.

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Removing the Update

This security update supports the following setup switches.

Supported Spuninst.exe Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files

Verifying That the Update Has Been Applied

  • Microsoft Baseline Security Analyzer

    To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

  • File Version Verification

    Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps.

    1. Click Start, and then click Search.
    2. In the Search Results pane, click All files and folders under Search Companion.
    3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.
    4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

      Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed.
    5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table.

      Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.
  • Registry Key Verification

    You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section.

    These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files.

Windows Server 2003 (all editions)

Reference Table

The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section.

Inclusion in Future Service PacksThe update for this issue will be included in a future service pack or update rollup
Deployment
Installing without user interventionInternet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
Windowsserver2003-kb933566-x86-enu /quiet
Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
IE7-KB933566-WindowsServer2003-x86-enu /quiet
Installing without restartingInternet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
Windowsserver2003-kb933566-x86-enu /norestart
Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
IE7-KB933566-WindowsServer2003-x86-enu /norestart
Update log fileKB933566.log
Further informationSee the subsection, Detection and Deployment Tools and Guidance
Restart Requirement
Restart requiredYes, you must restart your system after you apply this security update
HotpatchingThis security update does not support HotPatching. For more information about HotPatching see Microsoft Knowledge Base Article 897341.
Removal InformationInternet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the Use the Spuninst.exe utility, located in the %Windir%\$NTUninstallKB933566$\Spuninst folder
Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\ie7updates\KB933566-IE7\spuninst folder
File InformationSee the subsection, File Information, in this section for the full file manifest
Registry Key VerificationInternet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB933566\Filelist
Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP0\KB933566-IE7\Filelist

File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

For Internet Explorer 6 for all supported 32-bit editions of Windows Server 2003:

File NameVersionDateTimeSizeFolder
Browseui.dll6.0.3790.292020-Apr-200717:131,036,800SP1GDR
Danim.dll6.3.1.14820-Apr-200717:131,058,304SP1GDR
Dxtmsft.dll6.3.3790.292020-Apr-200717:13363,008SP1GDR
Dxtrans.dll6.3.3790.292020-Apr-200717:13212,480SP1GDR
Iedw.exe5.2.3790.292019-Apr-200711:0517,920SP1GDR
Iepeers.dll6.0.3790.292020-Apr-200717:13253,952SP1GDR
Jsproxy.dll6.0.3790.292020-Apr-200717:1316,384SP1GDR
Mshtml.dll6.0.3790.292020-Apr-200717:133,155,968SP1GDR
Mstime.dll6.0.3790.292020-Apr-200717:13537,088SP1GDR
Pngfilt.dll5.2.3790.292020-Apr-200717:1342,496SP1GDR
Shdocvw.dll6.0.3790.292020-Apr-200717:131,515,008SP1GDR
Shlwapi.dll6.0.3790.292020-Apr-200717:13321,536SP1GDR
Urlmon.dll6.0.3790.292020-Apr-200717:13697,344SP1GDR
W03a2409.dll5.2.3790.292019-Apr-200710:484,096SP1GDR
Wininet.dll6.0.3790.292020-Apr-200717:13662,528SP1GDR
Browseui.dll6.0.3790.292020-Apr-200717:171,036,800SP1QFE
Danim.dll6.3.1.14820-Apr-200717:171,058,304SP1QFE
Dxtmsft.dll6.3.3790.292020-Apr-200717:17363,008SP1QFE
Dxtrans.dll6.3.3790.292020-Apr-200717:17212,480SP1QFE
Iedw.exe5.2.3790.292019-Apr-200711:3317,920SP1QFE
Iepeers.dll6.0.3790.292020-Apr-200717:17253,952SP1QFE
Jsproxy.dll6.0.3790.292020-Apr-200717:1716,384SP1QFE
Mshtml.dll6.0.3790.292020-Apr-200717:173,158,528SP1QFE
Mstime.dll6.0.3790.292020-Apr-200717:17537,088SP1QFE
Pngfilt.dll5.2.3790.292020-Apr-200717:1742,496SP1QFE
Shdocvw.dll6.0.3790.292020-Apr-200717:171,515,520SP1QFE
Shlwapi.dll6.0.3790.292020-Apr-200717:17321,536SP1QFE
Urlmon.dll6.0.3790.292020-Apr-200717:17697,344SP1QFE
W03a2409.dll5.2.3790.292019-Apr-200711:0227,648SP1QFE
Wininet.dll6.0.3790.292020-Apr-200717:17666,112SP1QFE
Mshtml.dll6.0.3790.406420-Apr-200717:013,131,904SP2GDR
Shdocvw.dll6.0.3790.406420-Apr-200717:011,508,352SP2GDR
Urlmon.dll6.0.3790.407303-May-200716:23697,856SP2GDR
Mshtml.dll6.0.3790.406420-Apr-200717:073,132,416SP2QFE
Shdocvw.dll6.0.3790.406403-May-200717:561,508,352SP2QFE
Urlmon.dll6.0.3790.407303-May-200717:10697,856SP2QFE

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 for all supported 32-bit editions of Windows Server 2003:

File NameVersionDateTimeSize
Advpack.dll7.0.6000.1647325-Apr-200712:06124,928
Extmgr.dll7.0.6000.1647325-Apr-200712:06132,608
Ie4uinit.exe7.0.6000.1647325-Apr-200707:0056,832
Ieakeng.dll7.0.6000.1647325-Apr-200712:06153,088
Ieaksie.dll7.0.6000.1647325-Apr-200712:06230,400
Ieakui.dll7.0.6000.1647324-Apr-200710:54161,792
Ieapfltr.dat7.0.6011.017-Apr-200709:432,455,488
Ieapfltr.dll7.0.6000.1646125-Apr-200712:06383,488
Iedkcs32.dll17.0.6000.1647325-Apr-200712:06384,512
Ieframe.dll7.0.6000.1647325-Apr-200712:066,058,496
Ieframe.dll.mui7.0.6000.1641420-Feb-200706:33991,232
Iernonce.dll7.0.6000.1647325-Apr-200712:0644,544
Iertutil.dll7.0.6000.1647325-Apr-200712:06267,776
Ieudinit.exe7.0.6000.1647325-Apr-200707:0013,824
Iexplore.exe7.0.6000.1647325-Apr-200707:01625,152
Inetcpl.cpl7.0.6000.1647325-Apr-200712:061,824,768
Jsproxy.dll7.0.6000.1647325-Apr-200712:0627,648
Msfeeds.dll7.0.6000.1647325-Apr-200712:06459,264
Msfeedsbs.dll7.0.6000.1647325-Apr-200712:0652,224
Mshtml.dll7.0.6000.1648107-May-200718:583,583,488
Mshtmled.dll7.0.6000.1647325-Apr-200712:06477,696
Msrating.dll7.0.6000.1647325-Apr-200712:06193,024
Mstime.dll7.0.6000.1647325-Apr-200712:06670,720
Occache.dll7.0.6000.1647325-Apr-200712:06102,400
Url.dll7.0.6000.1647325-Apr-200712:06105,984
Urlmon.dll7.0.6000.1647325-Apr-200712:061,152,000
Webcheck.dll7.0.6000.1647325-Apr-200712:06232,960
Wininet.dll7.0.6000.1647325-Apr-200712:06822,784
Advpack.dll7.0.6000.2058325-Apr-200711:28124,928
Extmgr.dll7.0.6000.2058325-Apr-200711:28132,608
Ie4uinit.exe7.0.6000.2058324-Apr-200710:4756,832
Ieakeng.dll7.0.6000.2058325-Apr-200711:28153,088
Ieaksie.dll7.0.6000.2058325-Apr-200711:28230,400
Ieakui.dll7.0.6000.2058324-Apr-200709:09161,792
Ieapfltr.dat7.0.6011.017-Apr-200709:432,455,488
Ieapfltr.dll7.0.6000.1646125-Apr-200711:28383,488
Iedkcs32.dll17.0.6000.2058325-Apr-200711:28384,512
Ieframe.dll7.0.6000.2058325-Apr-200711:286,059,008
Ieframe.dll.mui7.0.6000.1641420-Feb-200706:33991,232
Iernonce.dll7.0.6000.2058325-Apr-200711:2844,544
Iertutil.dll7.0.6000.2058325-Apr-200711:28267,776
Ieudinit.exe7.0.6000.2058324-Apr-200710:4713,824
Iexplore.exe7.0.6000.2058324-Apr-200710:47625,152
Inetcpl.cpl7.0.6000.2058325-Apr-200711:281,824,256
Jsproxy.dll7.0.6000.2058325-Apr-200711:2827,648
Msfeeds.dll7.0.6000.2058325-Apr-200711:28459,264
Msfeedsbs.dll7.0.6000.2058325-Apr-200711:2852,224
Mshtml.dll7.0.6000.2059107-May-200719:373,584,000
Mshtmled.dll7.0.6000.2058325-Apr-200711:28477,696
Msrating.dll7.0.6000.2058325-Apr-200711:28193,024
Mstime.dll7.0.6000.2058325-Apr-200711:28670,720
Occache.dll7.0.6000.2058325-Apr-200711:28102,400
Url.dll7.0.6000.2058325-Apr-200711:28105,984
Urlmon.dll7.0.6000.2058325-Apr-200711:281,153,536
Webcheck.dll7.0.6000.2058325-Apr-200711:28232,960
Wininet.dll7.0.6000.2058325-Apr-200711:28823,808

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 6 for all supported Itanium-based editions of Windows Server 2003:

File NameVersionDateTimeSizeCPUFolder
Browseui.dll6.0.3790.292003-May-200720:182,542,080IA-64SP1GDR
Dxtmsft.dll6.3.3790.292003-May-200720:181,009,152IA-64SP1GDR
Dxtrans.dll6.3.3790.292003-May-200720:18640,512IA-64SP1GDR
Iepeers.dll6.0.3790.292003-May-200720:18717,312IA-64SP1GDR
Jsproxy.dll6.0.3790.292003-May-200720:1845,568IA-64SP1GDR
Mshtml.dll6.0.3790.292003-May-200720:189,365,504IA-64SP1GDR
Mstime.dll6.0.3790.292003-May-200720:191,845,760IA-64SP1GDR
Pngfilt.dll5.2.3790.292003-May-200720:19116,736IA-64SP1GDR
Shdocvw.dll6.0.3790.292003-May-200720:193,678,720IA-64SP1GDR
Shlwapi.dll6.0.3790.292003-May-200720:19823,296IA-64SP1GDR
Urlmon.dll6.0.3790.292003-May-200720:191,615,872IA-64SP1GDR
W03a2409.dll5.2.3790.292003-May-200720:193,072IA-64SP1GDR
Wininet.dll6.0.3790.292003-May-200720:191,695,744IA-64SP1GDR
Wbrowseui.dll6.0.3790.292003-May-200720:191,036,800x86SP1GDR\WOW
Wdanim.dll6.3.1.14803-May-200720:191,058,304x86SP1GDR\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:19363,008x86SP1GDR\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:19212,480x86SP1GDR\WOW
Wiedw.exe5.2.3790.292003-May-200720:1917,920x86SP1GDR\WOW
Wiepeers.dll6.0.3790.292003-May-200720:19253,952x86SP1GDR\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:1916,384x86SP1GDR\WOW
Wmshtml.dll6.0.3790.292003-May-200720:193,155,968x86SP1GDR\WOW
Wmstime.dll6.0.3790.292003-May-200720:19537,088x86SP1GDR\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:1942,496x86SP1GDR\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:191,515,008x86SP1GDR\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:19321,536x86SP1GDR\WOW
Wurlmon.dll6.0.3790.292003-May-200720:19697,344x86SP1GDR\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:194,096x86SP1GDR\WOW
Wwininet.dll6.0.3790.292003-May-200720:19662,528x86SP1GDR\WOW
Browseui.dll6.0.3790.292003-May-200720:182,541,568IA-64SP1QFE
Dxtmsft.dll6.3.3790.292003-May-200720:181,009,152IA-64SP1QFE
Dxtrans.dll6.3.3790.292003-May-200720:18640,512IA-64SP1QFE
Iepeers.dll6.0.3790.292003-May-200720:18717,824IA-64SP1QFE
Jsproxy.dll6.0.3790.292003-May-200720:1845,568IA-64SP1QFE
Mshtml.dll6.0.3790.292003-May-200720:189,371,648IA-64SP1QFE
Mstime.dll6.0.3790.292003-May-200720:191,845,760IA-64SP1QFE
Pngfilt.dll5.2.3790.292003-May-200720:19116,736IA-64SP1QFE
Shdocvw.dll6.0.3790.292003-May-200720:193,680,256IA-64SP1QFE
Shlwapi.dll6.0.3790.292003-May-200720:19823,296IA-64SP1QFE
Urlmon.dll6.0.3790.292003-May-200720:191,616,384IA-64SP1QFE
W03a2409.dll5.2.3790.292003-May-200720:1926,624IA-64SP1QFE
Wininet.dll6.0.3790.292003-May-200720:191,701,376IA-64SP1QFE
Wbrowseui.dll6.0.3790.292003-May-200720:191,036,800x86SP1QFE\WOW
Wdanim.dll6.3.1.14803-May-200720:191,058,304x86SP1QFE\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:19363,008x86SP1QFE\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:19212,480x86SP1QFE\WOW
Wiedw.exe5.2.3790.292003-May-200720:1917,920x86SP1QFE\WOW
Wiepeers.dll6.0.3790.292003-May-200720:19253,952x86SP1QFE\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:1916,384x86SP1QFE\WOW
Wmshtml.dll6.0.3790.292003-May-200720:193,158,528x86SP1QFE\WOW
Wmstime.dll6.0.3790.292003-May-200720:19537,088x86SP1QFE\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:1942,496x86SP1QFE\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:191,515,520x86SP1QFE\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:19321,536x86SP1QFE\WOW
Wurlmon.dll6.0.3790.292003-May-200720:19697,344x86SP1QFE\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:1927,648x86SP1QFE\WOW
Wwininet.dll6.0.3790.292003-May-200720:19666,112x86SP1QFE\WOW
Mshtml.dll6.0.3790.406403-May-200720:419,371,136IA-64SP2GDR
Shdocvw.dll6.0.3790.406403-May-200720:413,679,232IA-64SP2GDR
Urlmon.dll6.0.3790.407303-May-200720:411,618,944IA-64SP2GDR
Wmshtml.dll6.0.3790.406403-May-200720:423,131,904x86SP2GDR\WOW
Wshdocvw.dll6.0.3790.406403-May-200720:421,508,352x86SP2GDR\WOW
Wurlmon.dll6.0.3790.407303-May-200720:42697,856x86SP2GDR\WOW
Mshtml.dll6.0.3790.406403-May-200720:189,373,184IA-64SP2QFE
Shdocvw.dll6.0.3790.406403-May-200720:183,679,744IA-64SP2QFE
Urlmon.dll6.0.3790.407303-May-200720:181,618,944IA-64SP2QFE
Wmshtml.dll6.0.3790.406403-May-200720:183,132,416x86SP2QFE\WOW
Wshdocvw.dll6.0.3790.406403-May-200720:181,508,352x86SP2QFE\WOW
Wurlmon.dll6.0.3790.407303-May-200720:18697,856x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 for all supported Itanium-based editions of Windows Server 2003:

File NameVersionDateTimeSizeCPUFolder
Advpack.dll7.0.6000.1647307-May-200723:17283,136IA-64SP2GDR
Extmgr.dll7.0.6000.1647307-May-200723:17309,760IA-64SP2GDR
Ie4uinit.exe7.0.6000.1647307-May-200723:17110,080IA-64SP2GDR
Ieakeng.dll7.0.6000.1647307-May-200723:17385,536IA-64SP2GDR
Ieaksie.dll7.0.6000.1647307-May-200723:17503,808IA-64SP2GDR
Ieakui.dll7.0.6000.1647307-May-200723:17161,792IA-64SP2GDR
Ieapfltr.dat7.0.6011.007-May-200723:172,455,488SP2GDR
Ieapfltr.dll7.0.6000.1646107-May-200723:171,075,712IA-64SP2GDR
Iedkcs32.dll17.0.6000.1647307-May-200723:17748,032IA-64SP2GDR
Ieframe.dll7.0.6000.1647307-May-200723:1711,550,208IA-64SP2GDR
Ieframe.dll.mui7.0.6000.1641407-May-200723:17980,992SP2GDR
Iernonce.dll7.0.6000.1647307-May-200723:1799,840IA-64SP2GDR
Iertutil.dll7.0.6000.1647307-May-200723:17540,160IA-64SP2GDR
Ieudinit.exe7.0.6000.1647307-May-200723:1730,720IA-64SP2GDR
Iexplore.exe7.0.6000.1647307-May-200723:17751,104IA-64SP2GDR
Inetcpl.cpl7.0.6000.1647307-May-200723:172,387,456SP2GDR
Jsproxy.dll7.0.6000.1647307-May-200723:1782,432IA-64SP2GDR
Msfeeds.dll7.0.6000.1647307-May-200723:17958,464IA-64SP2GDR
Msfeedsbs.dll7.0.6000.1647307-May-200723:17136,704IA-64SP2GDR
Mshtml.dll7.0.6000.1648107-May-200723:179,971,200IA-64SP2GDR
Mshtmled.dll7.0.6000.1647307-May-200723:181,518,592IA-64SP2GDR
Msrating.dll7.0.6000.1647307-May-200723:18479,232IA-64SP2GDR
Mstime.dll7.0.6000.1647307-May-200723:182,229,760IA-64SP2GDR
Occache.dll7.0.6000.1647307-May-200723:18261,120IA-64SP2GDR
Url.dll7.0.6000.1647307-May-200723:18130,048IA-64SP2GDR
Urlmon.dll7.0.6000.1647307-May-200723:182,525,696IA-64SP2GDR
Webcheck.dll7.0.6000.1647307-May-200723:18638,976IA-64SP2GDR
Wininet.dll7.0.6000.1647307-May-200723:181,858,560IA-64SP2GDR
Wadvpack.dll7.0.6000.1647307-May-200723:18124,928x86SP2GDR\WOW
Wextmgr.dll7.0.6000.1647307-May-200723:18132,608x86SP2GDR\WOW
Wie4uinit.exe7.0.6000.1647307-May-200723:1856,832x86SP2GDR\WOW
Wieakeng.dll7.0.6000.1647307-May-200723:18153,088x86SP2GDR\WOW
Wieaksie.dll7.0.6000.1647307-May-200723:18230,400x86SP2GDR\WOW
Wieakui.dll7.0.6000.1647307-May-200723:18161,792x86SP2GDR\WOW
Wieapfltr.dat7.0.6011.007-May-200723:182,455,488SP2GDR\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:18383,488x86SP2GDR\WOW
Wiedkcs32.dll17.0.6000.1647307-May-200723:18384,512x86SP2GDR\WOW
Wieframe.dll7.0.6000.1647307-May-200723:186,058,496x86SP2GDR\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:18991,232SP2GDR\WOW
Wiernonce.dll7.0.6000.1647307-May-200723:1844,544x86SP2GDR\WOW
Wiertutil.dll7.0.6000.1647307-May-200723:18267,776x86SP2GDR\WOW
Wieudinit.exe7.0.6000.1647307-May-200723:1813,824x86SP2GDR\WOW
Wiexplore.exe7.0.6000.1647307-May-200723:18625,152x86SP2GDR\WOW
Winetcpl.cpl7.0.6000.1647307-May-200723:181,824,768SP2GDR\WOW
Wjsproxy.dll7.0.6000.1647307-May-200723:1827,648x86SP2GDR\WOW
Wmsfeeds.dll7.0.6000.1647307-May-200723:18459,264x86SP2GDR\WOW
Wmsfeedsbs.dll7.0.6000.1647307-May-200723:1852,224x86SP2GDR\WOW
Wmshtml.dll7.0.6000.1648107-May-200723:183,583,488x86SP2GDR\WOW
Wmshtmled.dll7.0.6000.1647307-May-200723:18477,696x86SP2GDR\WOW
Wmsrating.dll7.0.6000.1647307-May-200723:18193,024x86SP2GDR\WOW
Wmstime.dll7.0.6000.1647307-May-200723:18670,720x86SP2GDR\WOW
Woccache.dll7.0.6000.1647307-May-200723:18102,400x86SP2GDR\WOW
Wurl.dll7.0.6000.1647307-May-200723:18105,984x86SP2GDR\WOW
Wurlmon.dll7.0.6000.1647307-May-200723:181,152,000x86SP2GDR\WOW
Wwebcheck.dll7.0.6000.1647307-May-200723:18232,960x86SP2GDR\WOW
Wwininet.dll7.0.6000.1647307-May-200723:18822,784x86SP2GDR\WOW
Advpack.dll7.0.6000.2058307-May-200723:06283,136IA-64SP2QFE
Extmgr.dll7.0.6000.2058307-May-200723:06309,760IA-64SP2QFE
Ie4uinit.exe7.0.6000.2058307-May-200723:06110,080IA-64SP2QFE
Ieakeng.dll7.0.6000.2058307-May-200723:06385,536IA-64SP2QFE
Ieaksie.dll7.0.6000.2058307-May-200723:06503,808IA-64SP2QFE
Ieakui.dll7.0.6000.2058307-May-200723:06161,792IA-64SP2QFE
Ieapfltr.dat7.0.6011.007-May-200723:062,455,488SP2QFE
Ieapfltr.dll7.0.6000.1646107-May-200723:061,075,712IA-64SP2QFE
Iedkcs32.dll17.0.6000.2058307-May-200723:06748,032IA-64SP2QFE
Ieframe.dll7.0.6000.2058307-May-200723:0711,550,208IA-64SP2QFE
Ieframe.dll.mui7.0.6000.1641407-May-200723:07980,992SP2QFE
Iernonce.dll7.0.6000.2058307-May-200723:0799,840IA-64SP2QFE
Iertutil.dll7.0.6000.2058307-May-200723:07540,160IA-64SP2QFE
Ieudinit.exe7.0.6000.2058307-May-200723:0730,720IA-64SP2QFE
Iexplore.exe7.0.6000.2058307-May-200723:07751,104IA-64SP2QFE
Inetcpl.cpl7.0.6000.2058307-May-200723:072,387,456SP2QFE
Jsproxy.dll7.0.6000.2058307-May-200723:0782,432IA-64SP2QFE
Msfeeds.dll7.0.6000.2058307-May-200723:07958,464IA-64SP2QFE
Msfeedsbs.dll7.0.6000.2058307-May-200723:07136,704IA-64SP2QFE
Mshtml.dll7.0.6000.2059107-May-200723:079,972,736IA-64SP2QFE
Mshtmled.dll7.0.6000.2058307-May-200723:081,518,592IA-64SP2QFE
Msrating.dll7.0.6000.2058307-May-200723:08479,232IA-64SP2QFE
Mstime.dll7.0.6000.2058307-May-200723:082,229,760IA-64SP2QFE
Occache.dll7.0.6000.2058307-May-200723:08261,120IA-64SP2QFE
Url.dll7.0.6000.2058307-May-200723:08130,048IA-64SP2QFE
Urlmon.dll7.0.6000.2058307-May-200723:082,529,280IA-64SP2QFE
Webcheck.dll7.0.6000.2058307-May-200723:08638,976IA-64SP2QFE
Wininet.dll7.0.6000.2058307-May-200723:081,859,584IA-64SP2QFE
Wadvpack.dll7.0.6000.2058307-May-200723:11124,928x86SP2QFE\WOW
Wextmgr.dll7.0.6000.2058307-May-200723:11132,608x86SP2QFE\WOW
Wie4uinit.exe7.0.6000.2058307-May-200723:1156,832x86SP2QFE\WOW
Wieakeng.dll7.0.6000.2058307-May-200723:11153,088x86SP2QFE\WOW
Wieaksie.dll7.0.6000.2058307-May-200723:11230,400x86SP2QFE\WOW
Wieakui.dll7.0.6000.2058307-May-200723:11161,792x86SP2QFE\WOW
Wieapfltr.dat7.0.6011.007-May-200723:112,455,488SP2QFE\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:11383,488x86SP2QFE\WOW
Wiedkcs32.dll17.0.6000.2058307-May-200723:11384,512x86SP2QFE\WOW
Wieframe.dll7.0.6000.2058307-May-200723:116,059,008x86SP2QFE\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:11991,232SP2QFE\WOW
Wiernonce.dll7.0.6000.2058307-May-200723:1144,544x86SP2QFE\WOW
Wiertutil.dll7.0.6000.2058307-May-200723:11267,776x86SP2QFE\WOW
Wieudinit.exe7.0.6000.2058307-May-200723:1113,824x86SP2QFE\WOW
Wiexplore.exe7.0.6000.2058307-May-200723:11625,152x86SP2QFE\WOW
Winetcpl.cpl7.0.6000.2058307-May-200723:111,824,256SP2QFE\WOW
Wjsproxy.dll7.0.6000.2058307-May-200723:1127,648x86SP2QFE\WOW
Wmsfeeds.dll7.0.6000.2058307-May-200723:11459,264x86SP2QFE\WOW
Wmsfeedsbs.dll7.0.6000.2058307-May-200723:1152,224x86SP2QFE\WOW
Wmshtml.dll7.0.6000.2059107-May-200723:113,584,000x86SP2QFE\WOW
Wmshtmled.dll7.0.6000.2058307-May-200723:11477,696x86SP2QFE\WOW
Wmsrating.dll7.0.6000.2058307-May-200723:11193,024x86SP2QFE\WOW
Wmstime.dll7.0.6000.2058307-May-200723:11670,720x86SP2QFE\WOW
Woccache.dll7.0.6000.2058307-May-200723:11102,400x86SP2QFE\WOW
Wurl.dll7.0.6000.2058307-May-200723:11105,984x86SP2QFE\WOW
Wurlmon.dll7.0.6000.2058307-May-200723:111,153,536x86SP2QFE\WOW
Wwebcheck.dll7.0.6000.2058307-May-200723:11232,960x86SP2QFE\WOW
Wwininet.dll7.0.6000.2058307-May-200723:11823,808x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 6 for all supported x64 editions of Windows Server 2003:

File NameVersionDateTimeSizeCPUFolder
Browseui.dll6.0.3790.292003-May-200720:211,605,120x64SP1GDR
Danim.dll6.3.1.14803-May-200720:221,989,120x64SP1GDR
Dxtmsft.dll6.3.3790.292003-May-200720:22561,664x64SP1GDR
Dxtrans.dll6.3.3790.292003-May-200720:22332,288x64SP1GDR
Iepeers.dll6.0.3790.292003-May-200720:22369,664x64SP1GDR
Jsproxy.dll6.0.3790.292003-May-200720:2224,064x64SP1GDR
Mshtml.dll6.0.3790.292003-May-200720:225,997,568x64SP1GDR
Mstime.dll6.0.3790.292003-May-200720:22900,608x64SP1GDR
Pngfilt.dll5.2.3790.292003-May-200720:2264,000x64SP1GDR
Shdocvw.dll6.0.3790.292003-May-200720:222,438,144x64SP1GDR
Shlwapi.dll6.0.3790.292003-May-200720:22621,568x64SP1GDR
Urlmon.dll6.0.3790.292003-May-200720:221,085,440x64SP1GDR
W03a2409.dll5.2.3790.292003-May-200720:224,608x64SP1GDR
Wininet.dll6.0.3790.292003-May-200720:221,187,840x64SP1GDR
Wbrowseui.dll6.0.3790.292003-May-200720:221,036,800x86SP1GDR\WOW
Wdanim.dll6.3.1.14803-May-200720:221,058,304x86SP1GDR\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:22363,008x86SP1GDR\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:22212,480x86SP1GDR\WOW
Wiedw.exe5.2.3790.292003-May-200720:2217,920x86SP1GDR\WOW
Wiepeers.dll6.0.3790.292003-May-200720:22253,952x86SP1GDR\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:2216,384x86SP1GDR\WOW
Wmshtml.dll6.0.3790.292003-May-200720:223,155,968x86SP1GDR\WOW
Wmstime.dll6.0.3790.292003-May-200720:22537,088x86SP1GDR\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:2242,496x86SP1GDR\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:221,515,008x86SP1GDR\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:22321,536x86SP1GDR\WOW
Wurlmon.dll6.0.3790.292003-May-200720:22697,344x86SP1GDR\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:224,096x86SP1GDR\WOW
Wwininet.dll6.0.3790.292003-May-200720:22662,528x86SP1GDR\WOW
Browseui.dll6.0.3790.292003-May-200720:211,605,120x64SP1QFE
Danim.dll6.3.1.14803-May-200720:211,989,120x64SP1QFE
Dxtmsft.dll6.3.3790.292003-May-200720:21561,664x64SP1QFE
Dxtrans.dll6.3.3790.292003-May-200720:21332,288x64SP1QFE
Iepeers.dll6.0.3790.292003-May-200720:21370,176x64SP1QFE
Jsproxy.dll6.0.3790.292003-May-200720:2124,064x64SP1QFE
Mshtml.dll6.0.3790.292003-May-200720:216,001,664x64SP1QFE
Mstime.dll6.0.3790.292003-May-200720:22900,608x64SP1QFE
Pngfilt.dll5.2.3790.292003-May-200720:2264,000x64SP1QFE
Shdocvw.dll6.0.3790.292003-May-200720:222,438,656x64SP1QFE
Shlwapi.dll6.0.3790.292003-May-200720:22621,568x64SP1QFE
Urlmon.dll6.0.3790.292003-May-200720:221,085,440x64SP1QFE
W03a2409.dll5.2.3790.292003-May-200720:2228,160x64SP1QFE
Wininet.dll6.0.3790.292003-May-200720:221,189,888x64SP1QFE
Wbrowseui.dll6.0.3790.292003-May-200720:221,036,800x86SP1QFE\WOW
Wdanim.dll6.3.1.14803-May-200720:221,058,304x86SP1QFE\WOW
Wdxtmsft.dll6.3.3790.292003-May-200720:22363,008x86SP1QFE\WOW
Wdxtrans.dll6.3.3790.292003-May-200720:22212,480x86SP1QFE\WOW
Wiedw.exe5.2.3790.292003-May-200720:2217,920x86SP1QFE\WOW
Wiepeers.dll6.0.3790.292003-May-200720:22253,952x86SP1QFE\WOW
Wjsproxy.dll6.0.3790.292003-May-200720:2216,384x86SP1QFE\WOW
Wmshtml.dll6.0.3790.292003-May-200720:223,158,528x86SP1QFE\WOW
Wmstime.dll6.0.3790.292003-May-200720:22537,088x86SP1QFE\WOW
Wpngfilt.dll5.2.3790.292003-May-200720:2242,496x86SP1QFE\WOW
Wshdocvw.dll6.0.3790.292003-May-200720:221,515,520x86SP1QFE\WOW
Wshlwapi.dll6.0.3790.292003-May-200720:22321,536x86SP1QFE\WOW
Wurlmon.dll6.0.3790.292003-May-200720:22697,344x86SP1QFE\WOW
Ww03a2409.dll5.2.3790.292003-May-200720:2227,648x86SP1QFE\WOW
Wwininet.dll6.0.3790.292003-May-200720:22666,112x86SP1QFE\WOW
Mshtml.dll6.0.3790.406403-May-200720:455,998,592x64SP2GDR
Shdocvw.dll6.0.3790.406403-May-200720:462,438,144x64SP2GDR
Urlmon.dll6.0.3790.407303-May-200720:461,088,000x64SP2GDR
Wmshtml.dll6.0.3790.406403-May-200720:463,131,904x86SP2GDR\WOW
Wshdocvw.dll6.0.3790.406403-May-200720:461,508,352x86SP2GDR\WOW
Wurlmon.dll6.0.3790.407303-May-200720:46697,856x86SP2GDR\WOW
Mshtml.dll6.0.3790.406404-May-200705:556,000,128x64SP2QFE
Shdocvw.dll6.0.3790.406404-May-200705:552,438,656x64SP2QFE
Urlmon.dll6.0.3790.407304-May-200705:551,088,000x64SP2QFE
Wmshtml.dll6.0.3790.406404-May-200705:553,132,416x86SP2QFE\WOW
Wshdocvw.dll6.0.3790.406404-May-200705:551,508,352x86SP2QFE\WOW
Wurlmon.dll6.0.3790.407304-May-200705:55697,856x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 for all supported x64 editions of Windows Server 2003:

File NameVersionDateTimeSizeCPUFolder
Advpack.dll7.0.6000.1647307-May-200723:27161,280x64SP2GDR
Extmgr.dll7.0.6000.1647307-May-200723:27188,416x64SP2GDR
Ie4uinit.exe7.0.6000.1647307-May-200723:2768,608x64SP2GDR
Ieakeng.dll7.0.6000.1647307-May-200723:27196,096x64SP2GDR
Ieaksie.dll7.0.6000.1647307-May-200723:27267,776x64SP2GDR
Ieakui.dll7.0.6000.1647307-May-200723:27161,792x64SP2GDR
Ieapfltr.dat7.0.6011.007-May-200723:272,455,488x64SP2GDR
Ieapfltr.dll7.0.6000.1646107-May-200723:27424,448x64SP2GDR
Iedkcs32.dll17.0.6000.1647307-May-200723:27468,480x64SP2GDR
Ieframe.dll7.0.6000.1647307-May-200723:287,058,944x64SP2GDR
Ieframe.dll.mui7.0.6000.1641407-May-200723:28983,552x64SP2GDR
Iernonce.dll7.0.6000.1647307-May-200723:2857,344x64SP2GDR
Iertutil.dll7.0.6000.1647307-May-200723:28355,840x64SP2GDR
Ieudinit.exe7.0.6000.1647307-May-200723:2813,824x64SP2GDR
Iexplore.exe7.0.6000.1647307-May-200723:28679,424x64SP2GDR
Inetcpl.cpl7.0.6000.1647307-May-200723:282,025,472x64SP2GDR
Jsproxy.dll7.0.6000.1647307-May-200723:2832,256x64SP2GDR
Msfeeds.dll7.0.6000.1647307-May-200723:28553,984x64SP2GDR
Msfeedsbs.dll7.0.6000.1647307-May-200723:2875,264x64SP2GDR
Mshtml.dll7.0.6000.1648107-May-200723:285,668,352x64SP2GDR
Mshtmled.dll7.0.6000.1647307-May-200723:28758,784x64SP2GDR
Msrating.dll7.0.6000.1647307-May-200723:29242,176x64SP2GDR
Mstime.dll7.0.6000.1647307-May-200723:291,129,472x64SP2GDR
Occache.dll7.0.6000.1647307-May-200723:29151,040x64SP2GDR
Url.dll7.0.6000.1647307-May-200723:29108,544x64SP2GDR
Urlmon.dll7.0.6000.1647307-May-200723:291,418,752x64SP2GDR
Webcheck.dll7.0.6000.1647307-May-200723:29295,424x64SP2GDR
Wininet.dll7.0.6000.1647307-May-200723:291,019,392x64SP2GDR
Wadvpack.dll7.0.6000.1647307-May-200723:31124,928x86SP2GDR\WOW
Wextmgr.dll7.0.6000.1647307-May-200723:31132,608x86SP2GDR\WOW
Wie4uinit.exe7.0.6000.1647307-May-200723:3156,832x86SP2GDR\WOW
Wieakeng.dll7.0.6000.1647307-May-200723:31153,088x86SP2GDR\WOW
Wieaksie.dll7.0.6000.1647307-May-200723:31230,400x86SP2GDR\WOW
Wieakui.dll7.0.6000.1647307-May-200723:31161,792x86SP2GDR\WOW
Wieapfltr.dat7.0.6011.007-May-200723:312,455,488x64SP2GDR\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:31383,488x86SP2GDR\WOW
Wiedkcs32.dll17.0.6000.1647307-May-200723:31384,512x86SP2GDR\WOW
Wieframe.dll7.0.6000.1647307-May-200723:316,058,496x86SP2GDR\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:31991,232x64SP2GDR\WOW
Wiernonce.dll7.0.6000.1647307-May-200723:3144,544x86SP2GDR\WOW
Wiertutil.dll7.0.6000.1647307-May-200723:31267,776x86SP2GDR\WOW
Wieudinit.exe7.0.6000.1647307-May-200723:3113,824x86SP2GDR\WOW
Wiexplore.exe7.0.6000.1647307-May-200723:31625,152x86SP2GDR\WOW
Winetcpl.cpl7.0.6000.1647307-May-200723:311,824,768x64SP2GDR\WOW
Wjsproxy.dll7.0.6000.1647307-May-200723:3127,648x86SP2GDR\WOW
Wmsfeeds.dll7.0.6000.1647307-May-200723:31459,264x86SP2GDR\WOW
Wmsfeedsbs.dll7.0.6000.1647307-May-200723:3152,224x86SP2GDR\WOW
Wmshtml.dll7.0.6000.1648107-May-200723:313,583,488x86SP2GDR\WOW
Wmshtmled.dll7.0.6000.1647307-May-200723:31477,696x86SP2GDR\WOW
Wmsrating.dll7.0.6000.1647307-May-200723:31193,024x86SP2GDR\WOW
Wmstime.dll7.0.6000.1647307-May-200723:31670,720x86SP2GDR\WOW
Woccache.dll7.0.6000.1647307-May-200723:31102,400x86SP2GDR\WOW
Wurl.dll7.0.6000.1647307-May-200723:31105,984x86SP2GDR\WOW
Wurlmon.dll7.0.6000.1647307-May-200723:311,152,000x86SP2GDR\WOW
Wwebcheck.dll7.0.6000.1647307-May-200723:31232,960x86SP2GDR\WOW
Wwininet.dll7.0.6000.1647307-May-200723:31822,784x86SP2GDR\WOW
Advpack.dll7.0.6000.2058307-May-200723:06161,280x64SP2QFE
Extmgr.dll7.0.6000.2058307-May-200723:06188,416x64SP2QFE
Ie4uinit.exe7.0.6000.2058307-May-200723:0668,608x64SP2QFE
Ieakeng.dll7.0.6000.2058307-May-200723:06195,584x64SP2QFE
Ieaksie.dll7.0.6000.2058307-May-200723:06267,264x64SP2QFE
Ieakui.dll7.0.6000.2058307-May-200723:06161,792x64SP2QFE
Ieapfltr.dat7.0.6011.007-May-200723:062,455,488x64SP2QFE
Ieapfltr.dll7.0.6000.1646107-May-200723:06424,448x64SP2QFE
Iedkcs32.dll17.0.6000.2058307-May-200723:06468,480x64SP2QFE
Ieframe.dll7.0.6000.2058307-May-200723:067,059,968x64SP2QFE
Ieframe.dll.mui7.0.6000.1641407-May-200723:07983,552x64SP2QFE
Iernonce.dll7.0.6000.2058307-May-200723:0757,344x64SP2QFE
Iertutil.dll7.0.6000.2058307-May-200723:07355,840x64SP2QFE
Ieudinit.exe7.0.6000.2058307-May-200723:0713,824x64SP2QFE
Iexplore.exe7.0.6000.2058307-May-200723:07679,424x64SP2QFE
Inetcpl.cpl7.0.6000.2058307-May-200723:072,025,472x64SP2QFE
Jsproxy.dll7.0.6000.2058307-May-200723:0732,256x64SP2QFE
Msfeeds.dll7.0.6000.2058307-May-200723:07553,984x64SP2QFE
Msfeedsbs.dll7.0.6000.2058307-May-200723:0775,264x64SP2QFE
Mshtml.dll7.0.6000.2059107-May-200723:075,669,888x64SP2QFE
Mshtmled.dll7.0.6000.2058307-May-200723:08758,784x64SP2QFE
Msrating.dll7.0.6000.2058307-May-200723:08242,176x64SP2QFE
Mstime.dll7.0.6000.2058307-May-200723:081,129,472x64SP2QFE
Occache.dll7.0.6000.2058307-May-200723:08151,040x64SP2QFE
Url.dll7.0.6000.2058307-May-200723:08108,544x64SP2QFE
Urlmon.dll7.0.6000.2058307-May-200723:091,420,800x64SP2QFE
Webcheck.dll7.0.6000.2058307-May-200723:09295,424x64SP2QFE
Wininet.dll7.0.6000.2058307-May-200723:091,020,928x64SP2QFE
Wadvpack.dll7.0.6000.2058307-May-200723:13124,928x86SP2QFE\WOW
Wextmgr.dll7.0.6000.2058307-May-200723:13132,608x86SP2QFE\WOW
Wie4uinit.exe7.0.6000.2058307-May-200723:1356,832x86SP2QFE\WOW
Wieakeng.dll7.0.6000.2058307-May-200723:13153,088x86SP2QFE\WOW
Wieaksie.dll7.0.6000.2058307-May-200723:13230,400x86SP2QFE\WOW
Wieakui.dll7.0.6000.2058307-May-200723:13161,792x86SP2QFE\WOW
Wieapfltr.dat7.0.6011.007-May-200723:132,455,488x64SP2QFE\WOW
Wieapfltr.dll7.0.6000.1646107-May-200723:13383,488x86SP2QFE\WOW
Wiedkcs32.dll17.0.6000.2058307-May-200723:13384,512x86SP2QFE\WOW
Wieframe.dll7.0.6000.2058307-May-200723:136,059,008x86SP2QFE\WOW
Wieframe.dll.mui7.0.6000.1641407-May-200723:13991,232x64SP2QFE\WOW
Wiernonce.dll7.0.6000.2058307-May-200723:1344,544x86SP2QFE\WOW
Wiertutil.dll7.0.6000.2058307-May-200723:13267,776x86SP2QFE\WOW
Wieudinit.exe7.0.6000.2058307-May-200723:1313,824x86SP2QFE\WOW
Wiexplore.exe7.0.6000.2058307-May-200723:13625,152x86SP2QFE\WOW
Winetcpl.cpl7.0.6000.2058307-May-200723:131,824,256x64SP2QFE\WOW
Wjsproxy.dll7.0.6000.2058307-May-200723:1327,648x86SP2QFE\WOW
Wmsfeeds.dll7.0.6000.2058307-May-200723:13459,264x86SP2QFE\WOW
Wmsfeedsbs.dll7.0.6000.2058307-May-200723:1352,224x86SP2QFE\WOW
Wmshtml.dll7.0.6000.2059107-May-200723:133,584,000x86SP2QFE\WOW
Wmshtmled.dll7.0.6000.2058307-May-200723:13477,696x86SP2QFE\WOW
Wmsrating.dll7.0.6000.2058307-May-200723:13193,024x86SP2QFE\WOW
Wmstime.dll7.0.6000.2058307-May-200723:13670,720x86SP2QFE\WOW
Woccache.dll7.0.6000.2058307-May-200723:13102,400x86SP2QFE\WOW
Wurl.dll7.0.6000.2058307-May-200723:13105,984x86SP2QFE\WOW
Wurlmon.dll7.0.6000.2058307-May-200723:131,153,536x86SP2QFE\WOW
Wwebcheck.dll7.0.6000.2058307-May-200723:13232,960x86SP2QFE\WOW
Wwininet.dll7.0.6000.2058307-May-200723:13823,808x86SP2QFE\WOW

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

Deployment Information

Installing the Update

When you install this security update, the installer checks to see if one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the installer, visit the Microsoft TechNet Web site.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

This security update supports the following setup switches.

Supported Security Update Installation Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/overwriteoemOverwrites OEM files without prompting
/nobackupDoes not back up files needed for uninstall
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files
/integrate:pathIntegrates the update into the Windows source files. These files are located at the path that is specified in the switch.
/extract[:path]Extracts files without starting the Setup program
/EREnables extended error reporting
/verboseEnables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly.

Note You can combine these switches into one command. For backward compatibility, the security update also supports many of the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Removing the Update

This security update supports the following setup switches.

Supported Spuninst.exe Switches
SwitchDescription
/helpDisplays the command-line options
Setup Modes
/passiveUnattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.
/quietQuiet mode. This is the same as unattended mode, but no status or error messages are displayed.
Restart Options
/norestartDoes not restart when installation has completed
/forcerestartRestarts the computer after installation and force other applications to close at shutdown without saving open files first.
/warnrestart[:x]Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.
/promptrestartDisplay a dialog box prompting the local user to allow a restart
Special Options
/forceappscloseForces other programs to close when the computer shuts down
/log:pathAllows the redirection of installation log files

Verifying that the Update Has Been Applied

  • Microsoft Baseline Security Analyzer

    To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

  • File Version Verification

    Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps.

    1. Click Start, and then click Search.
    2. In the Search Results pane, click All files and folders under Search Companion.
    3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.
    4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

      Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed.
    5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table.

      Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.
  • Registry Key Verification

    You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section.

    These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files.

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section.

Inclusion in Future Service PacksThe update for this issue will be included in a future service pack or update rollup
Deployment
Installing without user interventionInternet Explorer 7 in all supported 32-bit editions of Windows Vista:
Windows6.0-KB933566-x86.msu /quiet
Internet Explorer 7 in all supported x64 editions of Windows Vista:
Windows6.0-KB933566-x86.msu /quiet
Installing without restartingInternet Explorer 7 in all supported 32-bit editions of Windows Vista:
Windows6.0-KB933566-x86.msu /quiet /norestart
Internet Explorer 7 in all supported x64 editions of Windows Vista:
Windows6.0-KB933566-x86.msu /quiet /norestart
Update log fileKB933566.log
Further informationSee the subsection, Detection and Deployment Tools and Guidance
Restart Requirement
Restart requiredYes, you must restart your system after you apply this security update
HotpatchingNot applicable.
Removal InformationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, click Security, then under WindowsUpdate, click Viewinstalled updates and select from the list of updates.
File InformationSee the subsection, File Information, in this section for the full file manifest

File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

For Internet Explorer 7 in all supported 32-bit editions of Windows Vista:

File NameVersionDateTimeSize
Wsusscan.cab04-May-200723:00119,454
X86_0a143cc594060f07eab220bae2d881a4_31bf3856ad364e35_6.0.6000.20583_none_f99b75740a5f6bb1.manifest04-May-200721:41700
X86_194564191d550b1dd2f3c39abdabf44b_31bf3856ad364e35_6.0.6000.16473_none_9ac2a496193a93fd.manifest04-May-200721:41726
X86_1c899a3c9576322257f8c91bbb5cbd42_31bf3856ad364e35_6.0.6000.20583_none_1f7c168b4b9a2d71.manifest04-May-200721:41696
X86_23719b6bd3cef355e2668a6f78d78879_31bf3856ad364e35_6.0.6000.20583_none_5d3456c35342f86b.manifest04-May-200721:41695
X86_26a27a219160ab8b1c10279160eadcd7_31bf3856ad364e35_6.0.6000.16473_none_97e2ebed7c538bed.manifest04-May-200721:41711
X86_2a149c8ddc887a81f57facf8c37ac822_31bf3856ad364e35_6.0.6000.20583_none_96c45ea94eec2adc.manifest04-May-200721:41724
X86_309d3903cfdf844ce5fc819364b3a769_31bf3856ad364e35_6.0.6000.16481_none_c0bafff4af93899a.manifest04-May-200721:41704
X86_460b3b90393bf327d4930fed3db0a5bd_31bf3856ad364e35_6.0.6000.20583_none_c10156195ac2a0d4.manifest04-May-200721:41700
X86_4b65a90deb41b08cb5fa72fd5f18c218_31bf3856ad364e35_6.0.6000.16473_none_d10a6fa16dda3557.manifest04-May-200721:41696
X86_4eba08e7a95bed9f25b8f9d9c74d40b7_31bf3856ad364e35_6.0.6000.20583_none_56e0abf4faf30e60.manifest04-May-200721:41694
X86_53f5d5a93e8fc0982b0fd21731d92132_31bf3856ad364e35_6.0.6000.20583_none_2ef23c9e87da7084.manifest04-May-200721:41702
X86_649b8d1d590fd86e81416ecfa3b6d453_31bf3856ad364e35_6.0.6000.16473_none_2a8f63becd07e46d.manifest04-May-200721:41700
X86_7241f476a146622784a78db5323c8566_31bf3856ad364e35_6.0.6000.20583_none_847206ad6957f792.manifest04-May-200721:41708
X86_7643aea3509df4ad7a896b7ce9d0c052_31bf3856ad364e35_6.0.6000.16473_none_58195e593354f7fa.manifest04-May-200721:41724
X86_76eab608cfd1dc87044be02146352325_31bf3856ad364e35_6.0.6000.16473_none_a851be40753b9337.manifest04-May-200721:41694
X86_779201b62cdc8329bb4eb8298ef9adfe_31bf3856ad364e35_6.0.6000.20591_none_c4a8db7bdd3e3e3a.manifest04-May-200721:41704
X86_79fb19734703e2c48717e88cc98cda54_31bf3856ad364e35_6.0.6000.16473_none_f1b2aed4bf191952.manifest04-May-200721:41706
X86_7ba3e594d2bdcf1c8853293e8fb503cc_31bf3856ad364e35_6.0.6000.20583_none_b1a18d9a98bc3e7b.manifest04-May-200721:41695
X86_7c59605344a0d58ee07a16a1ed1998ef_31bf3856ad364e35_6.0.6000.16473_none_9a9b8501473f3e58.manifest04-May-200721:41700
X86_8225e3326665b3c008908f9d56d75f76_31bf3856ad364e35_6.0.6000.16473_none_3a3b64287d2a0b7d.manifest04-May-200721:41702
X86_94a514541b76ba4b5b76a8a6956300a4_31bf3856ad364e35_6.0.6000.20583_none_b3633f11fe00d14d.manifest04-May-200721:41706
X86_b7c0af5030298fe0d9a6e2a49840559a_31bf3856ad364e35_6.0.6000.20583_none_616b5e4c69364691.manifest04-May-200721:41711
X86_be7d68797341871be9942dd6a65337d6_31bf3856ad364e35_6.0.6000.16473_none_82c6508e5d82b253.manifest04-May-200721:41695
X86_c06913304b67745d99e4dcaffa20846c_31bf3856ad364e35_6.0.6000.16473_none_b527f89ee83dca79.manifest04-May-200721:41696
X86_cc5024b0fb336e723da11f0715a21b20_31bf3856ad364e35_6.0.6000.16473_none_0f6fa5f692a75260.manifest04-May-200721:41695
X86_d3e13a04a904d0b58690c7cb0a75c0e7_31bf3856ad364e35_6.0.6000.20583_none_e2a516d8c05e1fa3.manifest04-May-200721:41726
X86_e0f54e4e01cf09dd5deac101b0092801_31bf3856ad364e35_6.0.6000.16473_none_fe1f8884510a3ab1.manifest04-May-200721:41704
X86_e575e3e55ceeb7295966ab39511de6a9_31bf3856ad364e35_6.0.6000.20583_none_4e33617ef1e70d96.manifest04-May-200721:41696
X86_e725eabe3b403d84ac7f89446abc5412_31bf3856ad364e35_6.0.6000.20583_none_abd1de2cb4e77063.manifest04-May-200721:41707
X86_eae44eb2e832ecc19c6232fbed4ae239_31bf3856ad364e35_6.0.6000.16473_none_cdaec8f24606e64c.manifest04-May-200721:41708
X86_f006c732353fa94463808a9b37f05b4e_31bf3856ad364e35_6.0.6000.20583_none_aa4bf6e65c2afac6.manifest04-May-200721:41704
X86_f8d106d701d3c4741e8c4542da774cea_31bf3856ad364e35_6.0.6000.16473_none_0031a57e919d1da6.manifest04-May-200721:41707
X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_a99c7471f5e0124d.manifest04-May-200721:557,571
X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_aa1b41510f05ce08.manifest04-May-200721:557,244
X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_b2b426d3d9d96fb0.manifest04-May-200721:55283,492
X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_b332f3b2f2ff2b6b.manifest04-May-200721:55283,492
X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_8d0ab50854e814d4.manifest04-May-200721:55812,318
X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_8d8981e76e0dd08f.manifest04-May-200721:55812,318
X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643.manifest04-May-200721:5556,602
X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe.manifest04-May-200721:5556,602
X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_f963254f6ece1096.manifest04-May-200721:559,922
X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_f9e1f22e87f3cc51.manifest04-May-200721:559,595
X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_3a80bafad9a98a77.manifest21-Apr-200703:0642,229
X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_3aff87d9f2cf4632.manifest21-Apr-200702:2842,229
X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_15407c3f12d8e6cb.manifest21-Apr-200703:06179,943
X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_15bf491e2bfea286.manifest21-Apr-200702:28179,943
X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_45f9f85f46744951.manifest04-May-200721:5532,438
X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_4678c53e5f9a050c.manifest04-May-200721:5532,111
X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc.manifest04-May-200721:55928,320
X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477.manifest04-May-200721:55928,320
X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_69fcb3c559a4f006.manifest21-Apr-200703:063,494
X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_6a7b80a472caabc1.manifest21-Apr-200702:283,494
X86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_2d330f011d0e0526.manifest04-May-200721:55126,025
X86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_2db1dbe03633c0e1.manifest04-May-200721:55125,698
X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_c3a1c41c6188cdcb.manifest04-May-200721:5531,606
X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_c42090fb7aae8986.manifest04-May-200721:5531,279
X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_29c6da8c6838a328.manifest04-May-200721:5537,192
X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_2a45a76b815e5ee3.manifest04-May-200721:5537,192
X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_62737b97b12e8da6.manifest04-May-200721:55829,928
X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_62f24876ca544961.manifest04-May-200721:55829,599
X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_e66ce81694b1e1de.manifest04-May-200721:5510,829
X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_e6ebb4f5add79d99.manifest04-May-200721:5510,502
X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_0b151d32d72ca190.manifest04-May-200721:5511,056
X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_0b93ea11f0525d4b.manifest04-May-200721:5510,729
Advpack.dll7.0.6000.1647321-Apr-200702:47124,928
Advpack.dll7.0.6000.2058321-Apr-200702:12124,928
Urlmon.dll7.0.6000.1647321-Apr-200702:481,152,000
Urlmon.dll7.0.6000.2058321-Apr-200702:151,153,536
Inetcpl.cpl7.0.6000.1647321-Apr-200702:461,824,768
Inetcpl.cpl7.0.6000.2058321-Apr-200702:131,824,256
Jsproxy.dll7.0.6000.1647321-Apr-200702:4727,648
Wininet.dll7.0.6000.1647321-Apr-200702:49822,784
Wininetplugin.dll1.0.0.121-Apr-200702:4964,512
Jsproxy.dll7.0.6000.2058321-Apr-200702:1327,648
Wininet.dll7.0.6000.2058321-Apr-200702:15823,808
Wininetplugin.dll1.0.0.121-Apr-200702:1564,512
Ieapfltr.dat7.0.6011.011-Apr-200723:122,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200702:47383,488
Ieapfltr.dat7.0.6011.011-Apr-200723:212,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200702:13383,488
Mshtmled.dll7.0.6000.1647321-Apr-200702:47477,696
Mshtmled.dll7.0.6000.2058321-Apr-200702:14477,696
Mshtml.dll7.0.6000.1648104-May-200702:553,583,488
Mshtml.tlb7.0.6000.1648104-May-200700:211,383,424
Mshtml.dll7.0.6000.2059104-May-200702:423,584,000
Mshtml.tlb7.0.6000.2059104-May-200700:181,383,424
Ieunatt.exe7.0.6000.1647321-Apr-200702:4626,624
Iexplore.exe7.0.6000.1647321-Apr-200702:46625,152
Ieunatt.exe7.0.6000.2058321-Apr-200701:2026,624
Iexplore.exe7.0.6000.2058321-Apr-200701:21625,152
Ie4uinit.exe7.0.6000.1647321-Apr-200702:4656,832
Iernonce.dll7.0.6000.1647321-Apr-200702:4744,544
Iesetup.dll7.0.6000.1647321-Apr-200702:4756,320
Ie4uinit.exe7.0.6000.2058321-Apr-200701:2056,832
Iernonce.dll7.0.6000.2058321-Apr-200702:1344,544
Iesetup.dll7.0.6000.2058321-Apr-200702:1356,320
Iebrshim.dll6.0.6000.1647321-Apr-200702:4752,736
Iebrshim.dll6.0.6000.2058321-Apr-200702:1352,736
Ieframe.dll7.0.6000.1647321-Apr-200702:476,058,496
Ieui.dll7.0.6000.1647321-Apr-200702:47180,736
Ieframe.dll7.0.6000.2058321-Apr-200702:136,059,008
Ieui.dll7.0.6000.2058321-Apr-200702:13180,736
Ieinstal.exe6.0.6000.1647321-Apr-200702:46250,368
Ieinstal.exe6.0.6000.2058321-Apr-200701:21250,368
Ieuser.exe6.0.6000.1647321-Apr-200702:46294,912
Ieuser.exe6.0.6000.2058321-Apr-200701:21294,912

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

For Internet Explorer 7 in all supported x64 editions of Windows Vista:

File NameVersionDateTimeSize
Wsusscan.cab04-May-200723:00118,058
Amd64_137368b54a2eff275094f1170eb174ff_31bf3856ad364e35_6.0.6000.16473_none_dfc07f0820ff255e.manifest04-May-200721:411,064
Amd64_172495f36c6fc93fe3112317205028b5_31bf3856ad364e35_6.0.6000.20583_none_f648c88fb320a5ef.manifest04-May-200721:411,056
Amd64_194564191d550b1dd2f3c39abdabf44b_31bf3856ad364e35_6.0.6000.16473_none_f6e14019d1980533.manifest04-May-200721:41728
Amd64_1ce28f161c715c248234a5b9d9b28620_31bf3856ad364e35_6.0.6000.20583_none_eb83260d041250e8.manifest04-May-200721:411,048
Amd64_23719b6bd3cef355e2668a6f78d78879_31bf3856ad364e35_6.0.6000.20583_none_b952f2470ba069a1.manifest04-May-200721:41697
Amd64_259e8e479d69c6abc22e69c9dd680d21_31bf3856ad364e35_6.0.6000.16473_none_9aba98d676ad9cad.manifest04-May-200721:411,040
Amd64_2a149c8ddc887a81f57facf8c37ac822_31bf3856ad364e35_6.0.6000.20583_none_f2e2fa2d07499c12.manifest04-May-200721:41726
Amd64_2b3eba949d8c7c64821d569e0513fc4f_31bf3856ad364e35_6.0.6000.16473_none_b53e86c605a06f92.manifest04-May-200721:411,040
Amd64_309d3903cfdf844ce5fc819364b3a769_31bf3856ad364e35_6.0.6000.16481_none_1cd99b7867f0fad0.manifest04-May-200721:41706
Amd64_3b64d1439e9908dca59e1a80cbd15468_31bf3856ad364e35_6.0.6000.16473_none_7e73c53f51ecec85.manifest04-May-200721:411,036
Amd64_3ff79fa7d096621a794fc100a1a4bbb6_31bf3856ad364e35_6.0.6000.16473_none_5147185df4643053.manifest04-May-200721:41699
Amd64_442fa04319b53a351578703c13daae2f_31bf3856ad364e35_6.0.6000.16481_none_6b2fc06ea9679ecd.manifest04-May-200721:41708
Amd64_4b0aab6ac9657bc0d5780da06bbbeaf9_31bf3856ad364e35_6.0.6000.20583_none_45e514e5d2d37fd5.manifest04-May-200721:41699
Amd64_53f5d5a93e8fc0982b0fd21731d92132_31bf3856ad364e35_6.0.6000.20583_none_8b10d8224037e1ba.manifest04-May-200721:41704
Amd64_5dab9d78204352b28476fb3653a15c05_31bf3856ad364e35_6.0.6000.16473_none_bde6cd96de55bc73.manifest04-May-200721:411,056
Amd64_5f9457f3d9f8eca2d01b54ca2facbe9c_31bf3856ad364e35_6.0.6000.20583_none_b438ab5c7675b7ab.manifest04-May-200721:41706
Amd64_610da1047926a1167df265885e90328b_31bf3856ad364e35_6.0.6000.16473_none_ee6b07ad60912dba.manifest04-May-200721:411,060
Amd64_6399e6d451512a094fd35059c4e62b3c_31bf3856ad364e35_6.0.6000.20591_none_7e07a704251bbc14.manifest04-May-200721:41708
Amd64_645cd546943a60f21d1a26c9aab9e163_31bf3856ad364e35_6.0.6000.20583_none_7711d66ea6d97186.manifest04-May-200721:41699
Amd64_668d082ce2f8b621562bab1a6403f813_31bf3856ad364e35_6.0.6000.16473_none_baf0d1e73b139fca.manifest04-May-200721:41706
Amd64_66c589b899999d009ce8fcae800f89f5_31bf3856ad364e35_6.0.6000.16473_none_32689e7918887b6c.manifest04-May-200721:411,070
Amd64_71a5d6f716a7d1462628f29102aeb2a5_31bf3856ad364e35_6.0.6000.16473_none_c63fd93f14663407.manifest04-May-200721:411,064
Amd64_7607dbc8d83cb5415168f9e97e200c01_31bf3856ad364e35_6.0.6000.20583_none_812ce6156a88f403.manifest04-May-200721:411,070
Amd64_7643aea3509df4ad7a896b7ce9d0c052_31bf3856ad364e35_6.0.6000.16473_none_b437f9dcebb26930.manifest04-May-200721:41726
Amd64_779201b62cdc8329bb4eb8298ef9adfe_31bf3856ad364e35_6.0.6000.20591_none_20c776ff959baf70.manifest04-May-200721:41706
Amd64_7ba3e594d2bdcf1c8853293e8fb503cc_31bf3856ad364e35_6.0.6000.20583_none_0dc0291e5119afb1.manifest04-May-200721:41697
Amd64_7c225912108519a4ed2ab0e951a6451c_31bf3856ad364e35_6.0.6000.20583_none_a953537de55bda7f.manifest04-May-200721:411,048
Amd64_8225e3326665b3c008908f9d56d75f76_31bf3856ad364e35_6.0.6000.16473_none_9659ffac35877cb3.manifest04-May-200721:41704
Amd64_84c4852cf8458a77a749705bda467912_31bf3856ad364e35_6.0.6000.20583_none_f6b288e0eee50af7.manifest04-May-200721:411,064
Amd64_8a11e5299eb75374ae7effb120847e54_31bf3856ad364e35_6.0.6000.16473_none_aa43e7790d9bd1ce.manifest04-May-200721:411,048
Amd64_a045f9255194a19af573997d92b397b0_31bf3856ad364e35_6.0.6000.20583_none_e860cdc5c20e2824.manifest04-May-200721:411,040
Amd64_a0ef025def2e3a1c355f3c645671baf2_31bf3856ad364e35_6.0.6000.16473_none_811911261ad14a1e.manifest04-May-200721:41699
Amd64_a53a03c90a50570cb7365998625e6cb1_31bf3856ad364e35_6.0.6000.16473_none_28a175ec7c169061.manifest04-May-200721:41730
Amd64_be7d68797341871be9942dd6a65337d6_31bf3856ad364e35_6.0.6000.16473_none_dee4ec1215e02389.manifest04-May-200721:41697
Amd64_c4b4f7a455220e8c12f5f7cd5c7971b0_31bf3856ad364e35_6.0.6000.16473_none_6a4564d2a21089a9.manifest04-May-200721:41728
Amd64_c835b586ddedf6ed111aeb66d60dd75d_31bf3856ad364e35_6.0.6000.20583_none_1c240a4f1f9e429c.manifest04-May-200721:41730
Amd64_cc5024b0fb336e723da11f0715a21b20_31bf3856ad364e35_6.0.6000.16473_none_6b8e417a4b04c396.manifest04-May-200721:41697
Amd64_d076b45f36c32aa64010e7b1ceaa02af_31bf3856ad364e35_6.0.6000.20583_none_5ebf043704e8e89d.manifest04-May-200721:411,040
Amd64_d3e13a04a904d0b58690c7cb0a75c0e7_31bf3856ad364e35_6.0.6000.20583_none_3ec3b25c78bb90d9.manifest04-May-200721:41728
Amd64_decd8d41eed065c3104adfa2026b6387_31bf3856ad364e35_6.0.6000.20583_none_bf1c7047d481a620.manifest04-May-200721:41728
Amd64_e58580c188e1ccd6ae6455cad37f019d_31bf3856ad364e35_6.0.6000.16473_none_0e4e92997610507f.manifest04-May-200721:411,048
Amd64_eaad8b3f4f3ff450d4c2df1477c999ea_31bf3856ad364e35_6.0.6000.20583_none_56a886ffb51a6dbf.manifest04-May-200721:411,064
Amd64_f5d66ab978d839462ccbc03d4133feef_31bf3856ad364e35_6.0.6000.20583_none_49dd14226bbeb486.manifest04-May-200721:411,036
Amd64_fc6257cd403e3b6f33973e1b023ebc6f_31bf3856ad364e35_6.0.6000.20583_none_856993da7872917e.manifest04-May-200721:411,060
Amd64_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_05bb0ff5ae3d8383.manifest04-May-200722:027,603
Amd64_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_0639dcd4c7633f3e.manifest04-May-200722:027,274
Amd64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_0ed2c2579236e0e6.manifest04-May-200722:02283,526
Amd64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_0f518f36ab5c9ca1.manifest04-May-200722:02283,526
Amd64_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_e929508c0d45860a.manifest04-May-200722:02810,403
Amd64_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_e9a81d6b266b41c5.manifest04-May-200722:02810,403
Amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_5bd89df95d400779.manifest04-May-200722:0256,676
Amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_5c576ad87665c334.manifest04-May-200722:0256,676
Amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_5581c0d3272b81cc.manifest04-May-200722:029,956
Amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_56008db240513d87.manifest04-May-200722:029,627
Amd64_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_969f567e9206fbad.manifest21-Apr-200704:2142,231
Amd64_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_971e235dab2cb768.manifest21-Apr-200703:4042,231
Amd64_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_715f17c2cb365801.manifest21-Apr-200704:21179,945
Amd64_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_71dde4a1e45c13bc.manifest21-Apr-200703:40179,945
Amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_a21893e2fed1ba87.manifest04-May-200722:0232,472
Amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_a29760c217f77642.manifest04-May-200722:0232,143
Amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_6d25ec97dda059f2.manifest04-May-200722:02928,381
Amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_6da4b976f6c615ad.manifest04-May-200722:02928,381
Amd64_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_c61b4f491202613c.manifest21-Apr-200704:213,502
Amd64_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_c69a1c282b281cf7.manifest21-Apr-200703:403,502
Amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_8951aa84d56b765c.manifest04-May-200722:02126,498
Amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_89d07763ee913217.manifest04-May-200722:02126,169
Amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_1fc05fa019e63f01.manifest04-May-200722:0231,638
Amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_203f2c7f330bfabc.manifest04-May-200722:0231,309
Amd64_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_85e576102096145e.manifest04-May-200722:0237,911
Amd64_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_866442ef39bbd019.manifest04-May-200722:0237,911
Amd64_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_be92171b698bfedc.manifest04-May-200722:02830,034
Amd64_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_bf10e3fa82b1ba97.manifest04-May-200722:02829,703
Amd64_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_428b839a4d0f5314.manifest04-May-200722:0210,855
Amd64_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_430a507966350ecf.manifest04-May-200722:0210,526
Amd64_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_6733b8b68f8a12c6.manifest04-May-200722:0211,090
Amd64_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_67b28595a8afce81.manifest04-May-200722:0210,761
Wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_93a654d709cc3857.manifest04-May-200722:02120,967
Wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_942521b622f1f412.manifest04-May-200722:02120,967
X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_a99c7471f5e0124d.manifest04-May-200722:027,571
X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_aa1b41510f05ce08.manifest04-May-200722:027,244
X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_b2b426d3d9d96fb0.manifest04-May-200722:02283,492
X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_b332f3b2f2ff2b6b.manifest04-May-200722:02283,492
X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_8d0ab50854e814d4.manifest04-May-200722:02812,318
X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_8d8981e76e0dd08f.manifest04-May-200722:02812,318
X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643.manifest04-May-200722:0256,602
X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe.manifest04-May-200722:0256,602
X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_f963254f6ece1096.manifest04-May-200722:029,922
X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_f9e1f22e87f3cc51.manifest04-May-200722:029,595
X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_3a80bafad9a98a77.manifest21-Apr-200703:0642,229
X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_3aff87d9f2cf4632.manifest21-Apr-200702:2842,229
X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_15407c3f12d8e6cb.manifest21-Apr-200703:06179,943
X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_15bf491e2bfea286.manifest21-Apr-200702:28179,943
X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_45f9f85f46744951.manifest04-May-200722:0232,438
X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_4678c53e5f9a050c.manifest04-May-200722:0232,111
X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc.manifest04-May-200722:02928,320
X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477.manifest04-May-200722:02928,320
X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_69fcb3c559a4f006.manifest21-Apr-200703:063,494
X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_6a7b80a472caabc1.manifest21-Apr-200702:283,494
X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_c3a1c41c6188cdcb.manifest04-May-200722:0231,606
X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_c42090fb7aae8986.manifest04-May-200722:0231,279
X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_29c6da8c6838a328.manifest04-May-200722:0237,192
X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_2a45a76b815e5ee3.manifest04-May-200722:0237,192
X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_62737b97b12e8da6.manifest04-May-200722:02829,928
X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_62f24876ca544961.manifest04-May-200722:02829,599
X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_e66ce81694b1e1de.manifest04-May-200722:0210,829
X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_e6ebb4f5add79d99.manifest04-May-200722:0210,502
X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_0b151d32d72ca190.manifest04-May-200722:0211,056
X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_0b93ea11f0525d4b.manifest04-May-200722:0210,729
Advpack.dll7.0.6000.1647321-Apr-200704:06161,280
Advpack.dll7.0.6000.2058321-Apr-200703:24161,280
Urlmon.dll7.0.6000.1647321-Apr-200704:091,418,752
Urlmon.dll7.0.6000.2058321-Apr-200703:271,420,800
Inetcpl.cpl7.0.6000.1647321-Apr-200704:052,025,472
Inetcpl.cpl7.0.6000.2058321-Apr-200703:252,025,472
Jsproxy.dll7.0.6000.1647321-Apr-200704:0732,256
Wininet.dll7.0.6000.1647321-Apr-200704:091,019,392
Wininetplugin.dll1.0.0.121-Apr-200704:0993,184
Jsproxy.dll7.0.6000.2058321-Apr-200703:2532,256
Wininet.dll7.0.6000.2058321-Apr-200703:271,020,928
Wininetplugin.dll1.0.0.121-Apr-200703:2793,184
Ieapfltr.dat7.0.6011.011-Apr-200723:142,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200704:07424,448
Ieapfltr.dat7.0.6011.011-Apr-200723:212,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200703:25424,448
Mshtmled.dll7.0.6000.1647321-Apr-200704:08758,784
Mshtmled.dll7.0.6000.2058321-Apr-200703:25758,784
Mshtml.dll7.0.6000.1648104-May-200704:055,668,352
Mshtml.tlb7.0.6000.1648104-May-200700:211,383,424
Mshtml.dll7.0.6000.2059104-May-200703:535,669,888
Mshtml.tlb7.0.6000.2059104-May-200700:171,383,424
Ieunatt.exe7.0.6000.1647321-Apr-200704:0632,768
Iexplore.exe7.0.6000.1647321-Apr-200704:06679,424
Ieunatt.exe7.0.6000.2058321-Apr-200701:4832,768
Iexplore.exe7.0.6000.2058321-Apr-200701:48679,424
Ie4uinit.exe7.0.6000.1647321-Apr-200704:0668,608
Iernonce.dll7.0.6000.1647321-Apr-200704:0757,344
Iesetup.dll7.0.6000.1647321-Apr-200704:0769,120
Ie4uinit.exe7.0.6000.2058321-Apr-200701:4868,608
Iernonce.dll7.0.6000.2058321-Apr-200703:2557,344
Iesetup.dll7.0.6000.2058321-Apr-200703:2569,120
Iebrshim.dll6.0.6000.1647321-Apr-200704:07104,960
Iebrshim.dll6.0.6000.2058321-Apr-200703:25104,960
Ieframe.dll7.0.6000.1647321-Apr-200704:077,058,944
Ieui.dll7.0.6000.1647321-Apr-200704:07228,352
Ieframe.dll7.0.6000.2058321-Apr-200703:257,059,968
Ieui.dll7.0.6000.2058321-Apr-200703:25228,352
Ieinstal.exe6.0.6000.1647321-Apr-200704:06260,608
Ieinstal.exe6.0.6000.2058321-Apr-200701:48260,608
Ieuser.exe6.0.6000.1647321-Apr-200704:06341,504
Ieuser.exe6.0.6000.2058321-Apr-200701:48341,504
Ieunatt.exe7.0.6000.1647321-Apr-200702:4626,624
Iexplore.exe7.0.6000.1647321-Apr-200702:46625,152
Ieunatt.exe7.0.6000.2058321-Apr-200701:2026,624
Iexplore.exe7.0.6000.2058321-Apr-200701:21625,152
Advpack.dll7.0.6000.1647321-Apr-200702:47124,928
Advpack.dll7.0.6000.2058321-Apr-200702:12124,928
Urlmon.dll7.0.6000.1647321-Apr-200702:481,152,000
Urlmon.dll7.0.6000.2058321-Apr-200702:151,153,536
Inetcpl.cpl7.0.6000.1647321-Apr-200702:461,824,768
Inetcpl.cpl7.0.6000.2058321-Apr-200702:131,824,256
Jsproxy.dll7.0.6000.1647321-Apr-200702:4727,648
Wininet.dll7.0.6000.1647321-Apr-200702:49822,784
Wininetplugin.dll1.0.0.121-Apr-200702:4964,512
Jsproxy.dll7.0.6000.2058321-Apr-200702:1327,648
Wininet.dll7.0.6000.2058321-Apr-200702:15823,808
Wininetplugin.dll1.0.0.121-Apr-200702:1564,512
Ieapfltr.dat7.0.6011.011-Apr-200723:122,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200702:47383,488
Ieapfltr.dat7.0.6011.011-Apr-200723:212,455,488
Ieapfltr.dll7.0.6000.1646121-Apr-200702:13383,488
Mshtmled.dll7.0.6000.1647321-Apr-200702:47477,696
Mshtmled.dll7.0.6000.2058321-Apr-200702:14477,696
Mshtml.dll7.0.6000.1648104-May-200702:553,583,488
Mshtml.tlb7.0.6000.1648104-May-200700:211,383,424
Mshtml.dll7.0.6000.2059104-May-200702:423,584,000
Mshtml.tlb7.0.6000.2059104-May-200700:181,383,424
Ie4uinit.exe7.0.6000.1647321-Apr-200702:4656,832
Iernonce.dll7.0.6000.1647321-Apr-200702:4744,544
Iesetup.dll7.0.6000.1647321-Apr-200702:4756,320
Ie4uinit.exe7.0.6000.2058321-Apr-200701:2056,832
Iernonce.dll7.0.6000.2058321-Apr-200702:1344,544
Iesetup.dll7.0.6000.2058321-Apr-200702:1356,320
Iebrshim.dll6.0.6000.1647321-Apr-200702:4752,736
Iebrshim.dll6.0.6000.2058321-Apr-200702:1352,736
Ieframe.dll7.0.6000.1647321-Apr-200702:476,058,496
Ieui.dll7.0.6000.1647321-Apr-200702:47180,736
Ieframe.dll7.0.6000.2058321-Apr-200702:136,059,008
Ieui.dll7.0.6000.2058321-Apr-200702:13180,736
Ieinstal.exe6.0.6000.1647321-Apr-200702:46250,368
Ieinstal.exe6.0.6000.2058321-Apr-200701:21250,368
Ieuser.exe6.0.6000.1647321-Apr-200702:46294,912
Ieuser.exe6.0.6000.2058321-Apr-200701:21294,912

Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

Deployment Information

Installing the Update

When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Windows hotfix. If you have previously installed a hotfix to update one of these files, the installer will apply the LDR version of this update. Otherwise, the installer will apply the GDR version of the update. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the installer, see Microsoft Knowledge Base Article 934307.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

This security update supports the following setup switches.

Supported Security Update Installation Switches
SwitchDescription
/?, /h, /helpDisplays help on supported switches.
/quietSuppresses the display of status or error messages.
/norestartWhen combined with /quiet, the system will not be restarted after installation even if a restart is required to complete installation.

Note For more information about the installer, see Microsoft Knowledge Base Article 934307.

Verifying that the Update Has Been Applied

  • Microsoft Baseline Security Analyzer

    To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information.

  • File Version Verification

    Note Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps.

    1. Click Start and then enter an update file name in Start Search.
    2. When the file appears under Programs, right-click on the file name and click Properties.
    3. Under the General tab, compare the file size with the file information tables provided earlier in this section.
    4. You may also click on the Details tab and compare information, such as file version and date modified, with the file information tables provided earlier in this section.
    5. Finally, you may also click on the Previous Versions tab and compare file information for the previous version of the file with the file information for the new, or updated, version of the file.

Other Information

Acknowledgments

Microsoft thanks the following for working with us to help protect customers:

  • An anonymous researcher working with iDefense VCP for reporting the COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218.
  • Tom Cross of ISS for working with Microsoft on the COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218.
  • An anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting the Language Pack Installation Vulnerability - CVE-2007-3027.
  • Sam Thomas working with TippingPoint and the Zero Day Initiative for reporting the Uninitialized Memory Corruption Vulnerability - CVE-2007-1751.
  • Will Dorman of CERT/CC for reporting the Speech Control Memory Corruption Vulnerability - CVE-2007-2222.
  • Haifei Li of Fortinet's FortiGuard Global Security Research Team for working with Microsoft on the Speech Control Memory Corruption Vulnerability - CVE-2007-2222.

Support

  • Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
  • International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

  • V1.0 (June 12, 2007): Bulletin published.
  • V1.1 (June 12, 2007): Bulletin Revised: CVE number corrected for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1499.
  • V1.2 (June 13, 2007): Bulletin Revised: Registry Key Verification corrected for Internet Explorer 6 Service Pack 1 on all supported editions of Microsoft Windows 2000 Service Pack 4; Removed duplicate text in Workarounds for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 and Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751

Built at 2014-04-16T02:39:51Z-07:00

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.