__________________________________________________________ The U.S. Department of Energy Computer Incident Advisory Capability ___ __ __ _ ___ / | /_\ / \___ __|__ / \ \___ __________________________________________________________ INFORMATION BULLETIN Cumulative Security Update for Internet Explorer (933566) [Microsoft Security Bulletin (MS07-033)] June 12, 2007 18:00 GMT Number R-270 [REVISED 15 June 2007] [REVISED 22 June 2007] ______________________________________________________________________________ PROBLEM: A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. PLATFORM: Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1 Microsoft Windows 2000 Service Pack 4 Internet Explorer 6 Windows XP Service Pack 2 Windows XP Professional x64 Edition and Service Pack 2 Windows Server 2003 Service Pack 1 and 2 Windows Server 2003 x64 Edition and 2 Windows Server 2003 with SP1 and SP2 for Itanium-based Systems Internet Explorer 7 Windows XP Service Pack 2 Windows XP Professional x64 Edition and Service Pack 2 Windows Server 2003 Service Pack 1 and 2 Windows Server 2003 x64 Edition and Service Pack 2 Windows Server 2003 with SP1 and SP2 for Itanium-based Systems Windows Vista Windows Vista x64 Edition Storage Management Appliance (SMA) v2.1 software running on Storage Management Appliance I, II, III DAMAGE: Could allow remote code execution and complete control of an affected system. SOLUTION: Upgrade to the appropriate version. ______________________________________________________________________________ VULNERABILITY The risk is HIGH. Could allow remote code execution and ASSESSMENT: complete control of an affected system. ______________________________________________________________________________ LINKS: CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/r-270.shtml ORIGINAL BULLETIN: http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx ADDITIONAL LINK: Visit Hewlett-Packard's Subscription Service for: HPSBST02231 SSRT071438 rev. 1 CVE: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2007-0218 CVE-2007-1750 CVE-2007-3027 CVE-2007-1751 CVE-2007-1752 CVE-2007-2222 ______________________________________________________________________________ REVISION HISTORY: 06/15/2007 - revised R-270 to reflect changes Microsoft has made in MS07-033 where they corrected the Registry Key Verification for Internet Explorer 6 Service Pack 1 on all supported editions of Microsoft Windows 2000 Service Pack 4 and removed duplicate text for in Workarounds section. 06/22/2007 - revised R-270 to add a link to HPSBST02231 SSRT071438 rev.1 for Storage Management Appliance (SMA) v2.1 software running on Storage Management Appliance I, II, III. [***** Start Microsoft Security Bulletin (MS07-033) *****] Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566) Published: June 12, 2007 | Updated: June 13, 2007 Version: 1.2 General Information Executive Summary This critical security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. This is a critical security update for supported releases of Internet Explorer 5.01 and Internet Explorer 6, and most supported releases of Internet Explorer 7. For Internet Explorer 7 for supported versions and editions of Windows Server 2003, this update is rated moderate. For more information, see the subsection, Affected and Non-Affected Software, in this section. This security update addresses two vulnerabilities by setting the kill bit for COM objects and for the rest, by modifying the way that Internet Explorer handles calls, error conditions, and special features such as Language Pack Installation and Speech Control. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Recommendation. Microsoft recommends that customers apply the update immediately. Known Issues. Microsoft Knowledge Base Article 933566 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. Top of section Affected and Non-Affected Software The software listed here has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle. Affected Software Operating System Component Maximum Security Impact Aggregate Severity Rating Bulletins Replaced by This Update Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1 Microsoft Windows 2000 Service Pack 4 Microsoft Internet Explorer 5.01 Service Pack 4 Remote Code Execution Critical MS07-027 Microsoft Windows 2000 Service Pack 4 Microsoft Internet Explorer 6 Service Pack 1 Remote Code Execution Critical MS07-027 Internet Explorer 6 Windows XP Service Pack 2 Microsoft Internet Explorer 6 Remote Code Execution Critical MS07-027 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 Microsoft Internet Explorer 6 Remote Code Execution Critical MS07-027 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 Microsoft Internet Explorer 6 Remote Code Execution Critical MS07-027 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 Microsoft Internet Explorer 6 Remote Code Execution Critical MS07-027 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems Microsoft Internet Explorer 6 Remote Code Execution Critical MS07-027 Internet Explorer 7 Windows XP Service Pack 2 Windows Internet Explorer 7 Remote Code Execution Critical MS07-027 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 Windows Internet Explorer 7 Remote Code Execution Critical MS07-027 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 Windows Internet Explorer 7 Remote Code Execution Moderate MS07-027 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 Windows Internet Explorer 7 Remote Code Execution Moderate MS07-027 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems Windows Internet Explorer 7 Remote Code Execution Moderate MS07-027 Windows Vista Windows Internet Explorer 7 Remote Code Execution Critical MS07-027 Windows Vista x64 Edition Windows Internet Explorer 7 Remote Code Execution Critical MS07-027 Top of section Frequently Asked Questions (FAQ) Related to This Security Update What are the known issues that customers may experience when they install this security update? Microsoft Knowledge Base Article 933566 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. Why does this update address several reported security vulnerabilities? This update addresses several vulnerabilities because the modifications for these issues are located in related files. Instead of having to install several updates that are almost the same, customers need to install this update only. Does this update contain any security-related changes that are not Internet Explorer specific? Yes. The changes are listed under the specific vulnerability entry, “Speech Control Memory Corruption Vulnerability CVE-2007-2222” in the next section, Vulnerability Information. I am using an older release of the software discussed in this security bulletin. What should I do? The affected software listed in this bulletin have been tested to determine which releases are affected. Other releases are past their support life cycle. To determine the support life cycle for your software release, visit Microsoft Support Lifecycle. It should be a priority for customers who have older releases of the software to migrate to supported releases to prevent potential exposure to vulnerabilities. For more information about the Windows Product Lifecycle, visit the following Microsoft Support Lifecycle. For more information about the extended security update support period for these software releases, visit the Microsoft Product Support Services Web site. Customers who require custom support for older software must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager. For more information, see the Windows Operating System Product Support Lifecycle FAQ. Top of section Vulnerability Information Severity Ratings and Vulnerability Identifiers Vulnerability Severity Rating and Maximum Security Impact by Affected Software Affected Software COM Object Instantiation Memory Corruption Vulnerability – CVE-2007-0218 CSS Tag Memory Corruption Vulnerability – CVE-2007-1750 Language Pack Installation Vulnerability – CVE-2007-3027 Uninitialized Memory Corruption Vulnerability – CVE-2007-1751 Navigation Cancel Page Spoofing Vulnerability – CVE-2007-1752 Speech Control Memory Corruption Vulnerability – CVE-2007-2222 Aggregate Severity Rating Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1 Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 Critical Remote Code Execution None Critical Remote Code Execution Critical Remote Code Execution None Critical Remote Code Execution Critical Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4 Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution None Critical Remote Code Execution Critical Internet Explorer 6 Internet Explorer 6 for Windows XP Service Pack 2 Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution None Critical Remote Code Execution Critical Internet Explorer 6 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution None Critical Remote Code Execution Critical Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 Moderate Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Moderate Remote Code Execution None Moderate Remote Code Execution Critical Internet Explorer 6 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 Moderate Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Moderate Remote Code Execution None Moderate Remote Code Execution Critical Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems Moderate Remote Code Execution Critical Remote Code Execution Critical Remote Code Execution Moderate Remote Code Execution None Moderate Remote Code Execution Critical Internet Explorer 7 Internet Explorer 7 for Windows XP Service Pack 2 None None Critical Remote Code Execution Critical Remote Code Execution Moderate Spoofing Critical Remote Code Execution Critical Internet Explorer 7 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 None None Critical Remote Code Execution Critical Remote Code Execution Moderate Spoofing Critical Remote Code Execution Critical Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 None None Moderate Remote Code Execution Moderate Remote Code Execution Moderate Spoofing Moderate Remote Code Execution Moderate Internet Explorer 7 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 None None Moderate Remote Code Execution Moderate Remote Code Execution Moderate Spoofing Moderate Remote Code Execution Moderate Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems None None Moderate Remote Code Execution Moderate Remote Code Execution Moderate Spoofing Low Remote Code Execution Moderate Internet Explorer 7 in Windows Vista None None None Critical Remote Code Execution Moderate Spoofing Critical Remote Code Execution Critical Internet Explorer 7 in Windows Vista x64 Edition None None None Critical Remote Code Execution Moderate Spoofing Critical Remote Code Execution Critical Top of section COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-0218. Mitigating Factors for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • By default, all supported releases of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario. • By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See the FAQ section of this security bulletin for more information about Internet Explorer Enhanced Security Configuration. • Internet Explorer 7 is not affected by this vulnerability. Top of section Workarounds for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Configure Internet Explorer to prompt before running ActiveX Controls or disable ActiveX Controls in the Internet and Local intranet security zone You can help protect against this vulnerability by changing your Internet Explorer settings to prompt before running ActiveX controls. To do this, follow these steps: 1. In Internet Explorer, click Internet Options on the Tools menu. 2. Click the Security tab. 3. Click Internet, and then click Custom Level. 4. Under Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK. 5. Click Local intranet, and then click Custom Level. 6. Under Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK. 7. Click OK two times to return to Internet Explorer. Impact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”. Add sites that you trust to the Internet Explorer Trusted sites zone. After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone. To do this, follow these steps: 1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. 2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. 3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add. 5. Repeat these steps for each site that you want to add to the zone. 6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update. • Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones You can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls and Active Scripting. You can do this by setting your browser security to High. To raise the browsing security level in Internet Explorer, follow these steps: 1. On the Internet Explorer Tools menu, click Internet Options. 2. In the Internet Options dialog box, click the Security tab, and then click the Internet icon. 3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High. Note If no slider is visible, click Default Level, and then move the slider to High. Note Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High. Impact of Workaround: There are side effects to prompting before running ActiveX controls and Active Scripting. Many Web sites that are on the Internet or on an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls or Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls or Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”. Add sites that you trust to the Internet Explorer Trusted sites zone. After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone. To do this, follow these steps: 1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. 2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. 3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add. 5. Repeat these steps for each site that you want to add to the zone. 6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update. • Prevent COM objects from running in Internet Explorer You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps in this article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer. Note The Class Identifiers and corresponding files where the COM objects are contained are documented provided in the table below Class Identifier File {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} Urlmon.dll {3DD53D40-7B8B-11D0-B013-00AA0059CE02} Urlmon.dll Replace {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} below with the Class Identifiers above. To set the kill bit for a CLSID with a value of {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX }] "Compatibility Flags"=dword:00000400 You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites: • Group Policy collection • What is Group Policy Object Editor? • Core Group Policy tools and settings Note You must restart Internet Explorer for your changes to take effect. Impact of Workaround: There is no impact as long as the COM object is not intended to be used in Internet Explorer. Top of section FAQ for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data. What causes the vulnerability? When Internet Explorer tries to instantiate certain COM objects as ActiveX Controls under certain conditions, the COM objects may corrupt the system state in such a way that an attacker could execute arbitrary code. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability. I am running Internet Explorer 7. Does this mitigate this vulnerability? Yes. Internet Explorer 7 is not affected by this vulnerability. I am running Internet Explorer for Windows Server 2003. Does this mitigate this vulnerability? Yes. By default, Internet Explorer for Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running malicious Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration. What does the update do? The update removes the vulnerability by modifying the vulnerable components to better handle the returning of values. When this security bulletin was issued, had this vulnerability been publicly disclosed? No. Microsoft received information about this vulnerability through responsible disclosure. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued. Top of section Top of section CSS Tag Memory Corruption Vulnerability - CVE-2007-1750 A remote code execution vulnerability exists in Internet Explorer due to improper handling of a CSS tag. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1750. Mitigating Factors for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail or Instant Messenger message that takes users to the attacker's Web site. • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • By default, all supported releases of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps reduce the number of successful attacks that exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario. Note It cannot be ruled out that this vulnerability could be used in an exploit without Active Scripting. However, using Active Scripting significantly increases the chances of a successful exploit. As a result, this vulnerability has been given a severity rating of Critical on Windows Server 2003. • Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 and Internet Explorer 7 are not affected by this vulnerability. Top of section Workarounds for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Read e-mail messages in plain text format to help protect yourself from the HTML e-mail attack vector You can help protect yourself against this vulnerability by changing your e-mail settings to read e-mail messages in plain text using Outlook 2002 and later, Outlook Express 6 and later, or Windows Mail. For information in Outlook, search “plain text” in Help and review “Read messages in plain text.” In Outlook Express, search “plain text” in Help and review “Reducing your risk of getting e-mail viruses.” In Windows Mail, search “plain text” in Help and review “Security and privacy in Windows Mail.” Impact of workaround: E-mail messages that are viewed in plain text format will not contain pictures, specialized fonts, animations, or other rich content. Additionally: • The changes are applied to the preview pane and to open messages. • Pictures become attachments so that they are not lost. • Because the message is still in Rich Text or HTML format in the store, the object model (custom code solutions) may behave unexpectedly. Top of section FAQ for CSS Tag Memory Corruption Vulnerability - CVE-2007-1750 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data. What causes the vulnerability? Internet Explorer improperly parses a specially crafted CSS tag. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit the vulnerability and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities. What is CSS? CSS or Cascading Style Sheets is a formatting method for Web pages using HTML. What does the update do? The update removes the vulnerability by modifying the way that Internet Explorer handles CSS tags. When this security bulletin was issued, had this vulnerability been publicly disclosed? No. Microsoft had not received any information to indicate that this vulnerability had been publicly disclosed when this security bulletin was originally issued. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued. Top of section Top of section Language Pack Installation Vulnerability - CVE-2007-3027 A remote code execution vulnerability exists in Internet Explorer in the way that it handles language pack installation. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. User interaction, while expected, is required to exploit this vulnerability. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-3027. Mitigating Factors for Language Pack Installation Vulnerability - CVE-2007-3027 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • User interaction, while expected, is required to exploit this vulnerability. • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • Internet Explorer 7 in Windows Vista and Internet Explorer 7 in Windows Vista x64 Edition are not affected by this vulnerability. Top of section Workarounds for Language Pack Installation Vulnerability - CVE-2007-3027 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Prevent Language Pack Installation You can prevent language pack installation in Internet Explorer by setting a registry key. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International] "W2KLpk"=dword:00000000 You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites: • Group Policy collection • What is Group Policy Object Editor? • Core Group Policy tools and settings Note You must restart Internet Explorer for your changes to take effect. Impact of Workaround: No language pack(s) will be installed on demand. How to undo the workaround: You can enable language pack installation in Internet Explorer by setting a registry key. Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International] "W2KLpk"=dword:00000001 Top of section FAQ for Language Pack Installation Vulnerability - CVE-2007-3027 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data. What causes the vulnerability? Internet Explorer may attempt to install multiple language packs in such a way that a race condition may occur. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit the vulnerability and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities. What are language packs on Internet Explorer? Typically, a Web page may need to download character sets to display the page properly, or to perform a particular task. For example, if you open a Web page that requires Japanese-text display support (Charset=euc-jp), Internet Explorer automatically prompts you to download the Japanese Language Pack component if it is not already installed. What does the update do? The update removes the vulnerability by ensuring that a race condition does not occur as a result of attempts to start the installation of multiple language packs. When this security bulletin was issued, had this vulnerability been publicly disclosed? No. Microsoft received information about this vulnerability through responsible disclosure. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued. Top of section Top of section Uninitialized Memory Corruption Vulnerability - CVE-2007-1751 A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has not been correctly initialized or that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1751. Mitigating Factors for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • The Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing Active Scripting from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to this issue through the Web-based attack scenario. • By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See the FAQ section of this security update for more information about Internet Explorer Enhanced Security Configuration. Top of section Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone You can help protect against this vulnerability by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, follow these steps: 1. In Internet Explorer, click Internet Options on the Tools menu. 2. Click the Security tab. 3. Click Internet, and then click Custom Level. 4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK. 5. Click Local intranet, and then click Custom Level. 6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK. 7. Click OK two times to return to Internet Explorer. Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly. Add sites that you trust to the Internet Explorer Trusted sites zone After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone. To do this, follow these steps: 1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. 2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. 3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add. 5. Repeat these steps for each site that you want to add to the zone. 6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update. Impact of Workaround: There are side effects to prompting before running Active Scripting. Many Web sites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”. • Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones You can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls and Active Scripting. You can do this by setting your browser security to High. To raise the browsing security level in Internet Explorer, follow these steps: 1. On the Internet Explorer Tools menu, click Internet Options. 2. In the Internet Options dialog box, click the Security tab, and then click the Internet icon. 3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High. Note If no slider is visible, click Default Level, and then move the slider to High. Note Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High. Add sites that you trust to the Internet Explorer Trusted sites zone After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone. To do this, follow these steps: 1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. 2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. 3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add. 5. Repeat these steps for each site that you want to add to the zone. 6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and “*.update.microsoft.com” (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX Control to install the update. Impact of Workaround: There are side effects to prompting before running ActiveX Controls and Active Scripting. Many Web sites that are on the Internet or on an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX Controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX Controls or Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX Controls or Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”. Top of section FAQ for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data. What causes the vulnerability? Internet Explorer attempts to access an object which has not been initialized or has been deleted. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user. What might an attacker use the vulnerability to do? An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit these vulnerabilities through Internet Explorer and then convince a user to visit the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user be logged on and visit a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities. I am running Internet Explorer for Windows Server 2003. Does this mitigate this vulnerability? Yes. By default, Internet Explorer for Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running malicious Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration. What does the update do? The update removes the vulnerability by modifying the way that Internet Explorer handles errors when calls are made to objects that are no longer initialized. When this security bulletin was issued, had this vulnerability been publicly disclosed? No. Microsoft received information about this vulnerability through responsible disclosure. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued. Top of section Top of section Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1752 A spoofing vulnerability exists in Internet Explorer that could allow an attacker to display spoofed content in the Navigation canceled page. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-1752. Mitigating Factors for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1752 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • User interaction, while expected, is required to exploit this vulnerability. • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. • Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4, Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4, and Internet Explorer 6 are not affected by this vulnerability. Top of section Workarounds for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1752 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone You can help protect against this vulnerability by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, follow these steps: 1. In Internet Explorer, click Internet Options on the Tools menu. 2. Click the Security tab. 3. Click Internet, and then click Custom Level. 4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK. 5. Click Local intranet, and then click Custom Level. 6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK. 7. Click OK two times to return to Internet Explorer. Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly. Impact of workaround: There are side effects to prompting before running Active Scripting. Many Web sites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”. Add sites that you trust to the Internet Explorer Trusted sites zone After you set Internet Explorer to require a prompt before it runs ActiveX controls or Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone. To do this, follow these steps: 1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. 2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. 3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add. 5. Repeat these steps for each site that you want to add to the zone. 6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two in particular that you may want to add are *.windowsupdate.microsoft.com and *.update.microsoft.com. These are the sites that will host the update, and it requires an ActiveX Control to install the update. Top of section FAQ for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1752 What is the scope of the vulnerability? This is a spoofing vulnerability in Internet Explorer. The vulnerability could allow an attacker to display spoofed content in a browser window. What causes the vulnerability? Internet Explorer incorrectly allows the modification of the navigation cancel page. As a result, an attacker could modify a URL which is otherwise trusted by a user. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site, which is designed to exploit the vulnerability, and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user click on a URL for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability. What does the update do? The update removes the vulnerability by modifying the “Navigation to the webpage was canceled” page so no attempt can be made to modify it by script. When this security bulletin was issued, had this vulnerability been publicly disclosed? Yes. This vulnerability has been publicly disclosed. It has been assigned Common Vulnerability and Exposure number CVE-2007-1752. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had seen examples of proof of concept code published publicly but had not received any information to indicate that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued. Does applying this security update help protect customers from the code that has been published publicly that attempts to exploit this vulnerability? Yes. This security update addresses the vulnerability that potentially could be exploited by using the published proof of concept code. The vulnerability that has been addressed has been assigned the Common Vulnerability and Exposure number CVE-2007-1752. Top of section Top of section Speech Control Memory Corruption Vulnerability - CVE-2007-2222 A remote code execution vulnerability exists in a component of Microsoft Speech API 4. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-2222. Mitigating Factors for Speech Control Memory Corruption Vulnerability - CVE-2007-2222 Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation: • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail or Instant Messenger message that takes users to the attacker's Web site. • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Top of section Workarounds for Speech Control Memory Corruption Vulnerability - CVE-2007-2222 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality: • Prevent COM objects from running in Internet Explorer You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps in this article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer. Note The Class Identifiers and corresponding files where the COM objects are contained are documented under “What does the update do?” in the “FAQ for Speech Control Memory Corruption Vulnerability - CVE-2007-2222” section. Replace {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} below with the Class Identifiers found in this section. To set the kill bit for a CLSID with a value of {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX }] "Compatibility Flags"=dword:00000400 You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites: • Group Policy collection • What is Group Policy Object Editor? • Core Group Policy tools and settings Note You must restart Internet Explorer for your changes to take effect. Impact of Workaround: There is no impact as long as the object is not intended to be used in Internet Explorer. Top of section FAQ for Speech Control Memory Corruption Vulnerability - CVE-2007-2222 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data. What causes the vulnerability? When the ActiveX object is used in Internet Explorer, the object may corrupt the system state in such a way that an attacker could execute arbitrary code. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. How could an attacker exploit the vulnerability? An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. What systems are primarily at risk from the vulnerability? This vulnerability requires that a user be logged on and visit a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability. What is Microsoft Speech? Microsoft Speech is a technology for speech-based interaction with Windows-based computers. Microsoft Speech SDKs provide continuous speech recognition and text-to-speech engines, tools, sample source code, and information needed for developing speech-enabled applications for Windows. What does the update do? This update sets the kill bit for a list of Class Identifier (CLSIDs). The Class Identifies and corresponding files are as follows: Class Identifier File {4E3D9D1F-0C63-11D1-8BFB-0060081841DE} Xlisten.dll {EEE78591-FE22-11D0-8BEF-0060081841DE} Xvoice.dll When this security bulletin was issued, had this vulnerability been publicly disclosed? No. Microsoft received information about this vulnerability through responsible disclosure. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued. Top of section Top of section Update Information Detection and Deployment Tools and Guidance Manage the software and security updates you need to deploy to the servers, desktop, and mobile computers in your organization. For more information see the TechNet Update Management Center. The Microsoft TechNet Security Web site provides additional information about security in Microsoft products. Security updates are available from Microsoft Update, Windows Update, and Office Update. Security updates are also available at the Microsoft Download Center. You can find them most easily by doing a keyword search for "security_patch." Finally, security updates can be downloaded from the Windows Update Catalog. For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166. Detection and Deployment Guidance Microsoft has provided detection and deployment guidance for this month’s security updates. This guidance will also help IT professionals understand how they can use various tools to help deploy the security update, such as Windows Update, Microsoft Update, Office Update, the Microsoft Baseline Security Analyzer (MBSA), the Office Detection Tool, Microsoft Systems Management Server (SMS), the Extended Security Update Inventory Tool, and the Enterprise Update Scan Tool (EST). For more information, see Microsoft Knowledge Base Article 910723. Microsoft Baseline Security Analyzer Microsoft Baseline Security Analyzer (MBSA) allows administrators to scan local and remote systems for missing security updates as well as common security misconfigurations. For more information about MBSA visit Microsoft Baseline Security Analyzer Web site. The following table provides the MBSA detection summary for this security update. Software MBSA 1.2.1 MBSA 2.0.1 Microsoft Windows 2000 Service Pack 4 Yes Yes Windows XP Service Pack 2 Yes Yes Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2 No Yes Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2 Yes Yes Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2 No Yes Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems No Yes Windows Vista No See Note for Windows Vista below Windows Vista x64 Edition No See Note for Windows Vista below Note MBSA 1.2.1 does not support systems with Internet Explorer 7 installed. MBSA 2.0 does support systems with Internet Explorer 7 installed. Note for Windows Vista Microsoft does not support installing MBSA 2.0.1 on computers that run Windows Vista, but you may install MBSA 2.0.1 on a supported operating system and then scan the Windows Vista-based computer remotely. For additional information about MBSA support for Windows Vista, visit the MBSA Web site. See also Microsoft Knowledge Base Article 931943: Microsoft Baseline Security Analyzer (MBSA) support for Windows Vista. For more information about MBSA, visit the MBSA Web site. For more information about the software that Microsoft Update and MBSA 2.0 currently do not detect, see Microsoft Knowledge Base Article 895660. Windows Server Update Services By using Windows Server Update Services (WSUS), administrators can deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and later, Exchange Server 2003, and SQL Server 2000 to Windows 2000 and later operating systems. For more information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site. Systems Management Server The following table provides the SMS detection and deployment summary for this security update. Software SMS 2.0 SMS 2003 Microsoft Windows 2000 Service Pack 4 Yes Yes Windows XP Service Pack 2 Yes Yes Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 No Yes Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2 Yes Yes Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2 No Yes Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems No Yes Windows Vista No See Note for Windows Vista below Windows Vista x64 Edition No See Note for Windows Vista below SMS 2.0 and SMS 2003 Software Update Services (SUS) Feature Pack can use MBSA 1.2.1 for detection and therefore have the same limitation that is listed earlier in this bulletin related to programs that MBSA 1.2.1 does not detect. For SMS 2.0, the SMS SUS Feature Pack, which includes the Security Update Inventory Tool (SUIT), can be used by SMS to detect security updates. SMS SUIT uses the MBSA 1.2.1 engine for detection. For more information about SUIT, visit the following Microsoft Web site. For more information about the limitations of SUIT, see Microsoft Knowledge Base Article 306460. The SMS SUS Feature Pack also includes the Microsoft Office Inventory Tool to detect required updates for Microsoft Office applications. For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered by Microsoft Update and that are supported by Windows Server Update Services. For more information about the SMS 2003 ITMU, visit the following Microsoft Web site. SMS 2003 can also use the Microsoft Office Inventory Tool to detect required updates for Microsoft Office applications. Note for Windows Vista Microsoft Systems Management Server 2003 with Service Pack 3 includes support for Windows Vista manageability. For more information about SMS, visit the SMS Web site. Top of section Security Update Deployment Affected Software For information about the specific security update for your affected software, click the appropriate link: Windows 2000 (all editions) Reference Table The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section. Inclusion in Future Service Packs The update for this issue may be included in a future update rollup Deployment Installing without user intervention Internet Explorer 5.01 Service Pack 4: IE5.01sp4-KB933566-Windows2000sp4-x86-enu /quiet Internet Explorer 6 Service Pack 1: IE6.0sp1-KB933566-Windows2000-x86-enu /quiet Installing without restarting Internet Explorer 5.01 Service Pack 4: IE5.01sp4-KB933566-Windows2000sp4-x86-enu /norestart Internet Explorer 6 Service Pack 1: IE6.0sp1-KB933566-Windows2000-x86-enu /norestart Update log file Internet Explorer 5.01 Service Pack 4: KB933566-IE501SP4-20070530.120000.log Internet Explorer 6 Service Pack 1: KB933566-IE6SP1-20070423.120000.log Further information See the subsection, Detection and Deployment Tools and Guidance Restart Requirement Restart required Yes, you must restart your system after you apply this security update Hotpatching Not applicable Removal Information Internet Explorer 5.01 Service Pack 4: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566-IE501SP4-20070530.120000$\Spuninst folder Internet Explorer 6 Service Pack 1: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566-IE6SP1-20070423.120000$\Spuninst folder File Information See the subsection, File Information, in this section, or Microsoft Knowledge Base Article 933566 for the full file manifest Registry Key Verification For Internet Explorer 5.01 Service Pack 4 on all supported editions of Microsoft Windows 2000 Service Pack 4: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Internet Explorer 5.01\SP4\KB933566-IE501SP4-20070530.120000\Filelist For Internet Explorer 6 Service Pack 1 when installed on all supported editions of Microsoft Windows 2000 Service Pack 4: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Internet Explorer 6\SP1\KB933566-IE6SP1-20070423.120000\Filelist File Information The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. For Internet Explorer 5.01 Service Pack 4 on all supported editions of Windows 2000: File Name Version Date Time Size Browseui.dll 5.0.3852.2300 23-Apr-2007 16:11 792,848 Danim.dll 6.1.9.729 11-Apr-2007 19:15 1,134,352 Iepeers.dll 5.0.3852.2300 23-Apr-2007 17:24 100,112 Inseng.dll 5.0.3852.2300 23-Apr-2007 16:15 74,000 Jsproxy.dll 5.0.3852.2300 23-Apr-2007 16:15 13,584 Mshtml.dll 5.0.3853.3000 30-May-2007 19:28 2,303,760 Msrating.dll 5.0.3852.2300 23-Apr-2007 16:13 149,776 Pngfilt.dll 5.0.3852.2300 23-Apr-2007 17:24 48,912 Shdocvw.dll 5.0.3852.2300 23-Apr-2007 16:11 1,104,656 Shlwapi.dll 5.0.3900.7132 12-Apr-2007 22:56 284,432 Url.dll 5.50.4976.1200 12-Apr-2007 21:28 84,240 Urlmon.dll 5.0.3852.2300 23-Apr-2007 16:15 425,232 Wininet.dll 5.0.3852.2300 23-Apr-2007 16:15 451,344 Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 6 Service Pack 1 when installed on all supported editions of Windows 2000: File Name Version Date Time Size Folder Browseui.dll 6.0.2800.1909 13-Apr-2007 17:08 1,017,856 RTMGDR Cdfview.dll 6.0.2800.1909 13-Apr-2007 17:09 143,360 RTMGDR Danim.dll 6.3.1.148 20-Feb-2007 09:48 1,054,208 RTMGDR Dxtmsft.dll 6.3.2800.1595 13-Apr-2007 16:56 351,744 RTMGDR Dxtrans.dll 6.3.2800.1595 13-Apr-2007 16:56 192,512 RTMGDR Iepeers.dll 6.0.2800.1595 13-Apr-2007 16:56 236,032 RTMGDR Inseng.dll 6.0.2800.1595 13-Apr-2007 16:56 69,632 RTMGDR Jsproxy.dll 6.0.2800.1595 13-Apr-2007 16:57 12,288 RTMGDR Mshtml.dll 6.0.2800.1595 16-Apr-2007 19:25 2,704,896 RTMGDR Msrating.dll 6.0.2800.1909 13-Apr-2007 17:10 132,096 RTMGDR Mstime.dll 6.0.2800.1595 13-Apr-2007 16:56 498,176 RTMGDR Pngfilt.dll 6.0.2800.1595 13-Apr-2007 16:56 34,816 RTMGDR Shdocvw.dll 6.0.2800.1909 13-Apr-2007 17:08 1,340,416 RTMGDR Shlwapi.dll 6.0.2800.1909 13-Apr-2007 17:08 402,944 RTMGDR Urlmon.dll 6.0.2800.1595 13-Apr-2007 16:57 462,336 RTMGDR Wininet.dll 6.0.2800.1595 13-Apr-2007 16:58 575,488 RTMGDR Browseui.dll 6.0.2800.1909 13-Apr-2007 17:08 1,017,856 RTMQFE Cdfview.dll 6.0.2800.1909 13-Apr-2007 17:09 143,360 RTMQFE Danim.dll 6.3.1.148 20-Feb-2007 09:48 1,054,208 RTMQFE Dxtmsft.dll 6.3.2800.1596 13-Apr-2007 16:54 351,744 RTMQFE Dxtrans.dll 6.3.2800.1596 13-Apr-2007 16:54 192,512 RTMQFE Iepeers.dll 6.0.2800.1596 13-Apr-2007 16:54 236,544 RTMQFE Inseng.dll 6.0.2800.1596 13-Apr-2007 16:54 69,632 RTMQFE Jsproxy.dll 6.0.2800.1596 13-Apr-2007 16:55 12,288 RTMQFE Mshtml.dll 6.0.2800.1596 16-Apr-2007 19:22 2,712,576 RTMQFE Msrating.dll 6.0.2800.1909 13-Apr-2007 17:10 132,096 RTMQFE Mstime.dll 6.0.2800.1596 13-Apr-2007 16:54 498,176 RTMQFE Pngfilt.dll 6.0.2800.1596 13-Apr-2007 16:54 38,912 RTMQFE Shdocvw.dll 6.0.2800.1909 13-Apr-2007 17:08 1,340,416 RTMQFE Shlwapi.dll 6.0.2800.1909 13-Apr-2007 17:08 402,944 RTMQFE Urlmon.dll 6.0.2800.1596 13-Apr-2007 16:55 464,384 RTMQFE Wininet.dll 6.0.2800.1596 13-Apr-2007 16:56 587,776 RTMQFE Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. Top of section Deployment Information Installing the Update When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994. For more information about the installer, visit the Microsoft TechNet Web site. For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684. This security update supports the following setup switches. Supported Security Update Installation Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /overwriteoem Overwrites OEM files without prompting /nobackup Does not back up files needed for uninstall /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files /extract[:path] Extracts files without starting the Setup program /ER Enables extended error reporting /verbose Enables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly. Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Removing the Update This security update supports the following setup switches. Supported Spuninst.exe Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files Verifying That the Update Has Been Applied • Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. • File Version Verification Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps. 1. Click Start, and then click Search. 2. In the Search Results pane, click All files and folders under Search Companion. 3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search. 4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties. Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed. 5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table. Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation. • Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section. These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files. Top of section Top of section Windows XP (all editions) Reference Table The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section. Inclusion in Future Service Packs The update for this issue will be included in a future service pack or update rollup Deployment Installing without user intervention Internet Explorer 6 for Windows XP Service Pack 2: Windowsxp-kb933566-x86-enu /quiet Internet Explorer 7 for Windows XP Service Pack 2: IE7-KB933566-WindowsXP-x86-enu /quiet Installing without restarting Internet Explorer 6 for Windows XP Service Pack 2: Windowsxp-kb933566-x86-enu /norestart Internet Explorer 7 for Windows XP Service Pack 2: IE7-KB933566-WindowsXP-x86-enu /norestart Update log file Internet Explorer 6 for Windows XP Service Pack 2: KB933566.log Internet Explorer 7 for Windows XP Service Pack 2: KB933566-IE7.log Further information See the subsection, Detection and Deployment Tools and Guidance Restart Requirement Restart required Yes, you must restart your system after you apply this security update Hotpatching Not applicable Removal Information Internet Explorer 6 for Windows XP: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB933566$\Spuninst folder Internet Explorer 7 for Windows XP: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\ie7updates\KB933566-IE7\spuninst folder File Information See the subsection, File Information, below or Microsoft Knowledge Base Article 933566 for the full file manifest Registry Key Verification Internet Explorer 6 for all supported 32-bit editions of Windows XP: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB933566\Filelist Internet Explorer 6 for all supported x64 editions of Windows XP: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP Version 2003\SP2\KB933566\Filelist Internet Explorer 7 for all supported 32-bit editions of Windows XP: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB933566-IE7\Filelist Internet Explorer 7 for all supported x64 editions of Windows XP: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP Version 2003\SP0\KB933566-IE7\Filelist File Information The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. For Internet Explorer 6 for all supported 32-bit editions of Windows XP: File Name Version Date Time Size Folder Browseui.dll 6.0.2900.3121 18-Apr-2007 12:31 1,023,488 SP2GDR Cdfview.dll 6.0.2900.3121 18-Apr-2007 12:31 151,040 SP2GDR Danim.dll 6.3.1.148 18-Apr-2007 12:31 1,054,208 SP2GDR Dxtmsft.dll 6.3.2900.3121 18-Apr-2007 12:31 357,888 SP2GDR Dxtrans.dll 6.3.2900.3121 18-Apr-2007 12:31 205,312 SP2GDR Extmgr.dll 6.0.2900.3121 18-Apr-2007 12:31 55,808 SP2GDR Iedw.exe 5.1.2600.3121 18-Apr-2007 10:22 18,432 SP2GDR Iepeers.dll 6.0.2900.3121 18-Apr-2007 12:31 251,392 SP2GDR Inseng.dll 6.0.2900.3121 18-Apr-2007 12:31 96,256 SP2GDR Jsproxy.dll 6.0.2900.3121 18-Apr-2007 12:31 16,384 SP2GDR Mshtml.dll 6.0.2900.3132 04-May-2007 12:29 3,058,688 SP2GDR Mshtmled.dll 6.0.2900.3121 18-Apr-2007 12:31 449,024 SP2GDR Msrating.dll 6.0.2900.3121 18-Apr-2007 12:31 146,432 SP2GDR Mstime.dll 6.0.2900.3121 18-Apr-2007 12:31 532,480 SP2GDR Pngfilt.dll 6.0.2900.3121 18-Apr-2007 12:31 39,424 SP2GDR Shdocvw.dll 6.0.2900.3121 18-Apr-2007 12:31 1,494,528 SP2GDR Shlwapi.dll 6.0.2900.3121 18-Apr-2007 12:31 474,112 SP2GDR Urlmon.dll 6.0.2900.3121 18-Apr-2007 12:31 615,424 SP2GDR Wininet.dll 6.0.2900.3121 18-Apr-2007 12:31 658,944 SP2GDR Xpsp3res.dll 5.1.2600.3121 18-Apr-2007 09:51 115,200 SP2GDR Browseui.dll 6.0.2900.3121 18-Apr-2007 12:46 1,022,976 SP2QFE Cdfview.dll 6.0.2900.3121 18-Apr-2007 12:46 151,040 SP2QFE Danim.dll 6.3.1.148 18-Apr-2007 12:46 1,054,208 SP2QFE Dxtmsft.dll 6.3.2900.3121 18-Apr-2007 12:46 357,888 SP2QFE Dxtrans.dll 6.3.2900.3121 18-Apr-2007 12:46 205,312 SP2QFE Extmgr.dll 6.0.2900.3121 18-Apr-2007 12:46 55,808 SP2QFE Iedw.exe 5.1.2600.3121 18-Apr-2007 10:42 18,432 SP2QFE Iepeers.dll 6.0.2900.3121 18-Apr-2007 12:46 251,904 SP2QFE Inseng.dll 6.0.2900.3121 18-Apr-2007 12:46 96,256 SP2QFE Jsproxy.dll 6.0.2900.3121 18-Apr-2007 12:46 16,384 SP2QFE Mshtml.dll 6.0.2900.3132 04-May-2007 12:59 3,064,320 SP2QFE Mshtmled.dll 6.0.2900.3121 18-Apr-2007 12:46 449,024 SP2QFE Msrating.dll 6.0.2900.3121 18-Apr-2007 12:46 146,432 SP2QFE Mstime.dll 6.0.2900.3121 18-Apr-2007 12:46 532,480 SP2QFE Pngfilt.dll 6.0.2900.3121 18-Apr-2007 12:46 39,424 SP2QFE Shdocvw.dll 6.0.2900.3121 18-Apr-2007 12:46 1,498,112 SP2QFE Shlwapi.dll 6.0.2900.3121 18-Apr-2007 12:46 474,112 SP2QFE Urlmon.dll 6.0.2900.3121 18-Apr-2007 12:46 616,960 SP2QFE Wininet.dll 6.0.2900.3121 18-Apr-2007 12:46 665,600 SP2QFE Xpsp3res.dll 5.1.2600.3121 18-Apr-2007 10:07 248,320 SP2QFE Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 for all supported 32-bit editions of Windows XP: File Name Version Date Time Size Advpack.dll 7.0.6000.16473 25-Apr-2007 08:41 124,928 Extmgr.dll 7.0.6000.16473 25-Apr-2007 08:41 132,608 Ie4uinit.exe 7.0.6000.16473 24-Apr-2007 14:26 56,832 Ieakeng.dll 7.0.6000.16473 25-Apr-2007 08:41 153,088 Ieaksie.dll 7.0.6000.16473 25-Apr-2007 08:41 230,400 Ieakui.dll 7.0.6000.16473 24-Apr-2007 07:30 161,792 Ieapfltr.dat 7.0.6011.0 17-Apr-2007 09:28 2,455,488 Ieapfltr.dll 7.0.6000.16461 25-Apr-2007 08:41 383,488 Iedkcs32.dll 17.0.6000.16473 25-Apr-2007 08:41 384,512 Ieframe.dll 7.0.6000.16473 25-Apr-2007 08:41 6,058,496 Ieframe.dll.mui 7.0.6000.16414 09-Feb-2007 13:26 991,232 Iernonce.dll 7.0.6000.16473 25-Apr-2007 08:41 44,544 Iertutil.dll 7.0.6000.16473 25-Apr-2007 08:41 267,776 Ieudinit.exe 7.0.6000.16473 24-Apr-2007 14:26 13,824 Iexplore.exe 7.0.6000.16473 24-Apr-2007 14:26 625,152 Inetcpl.cpl 7.0.6000.16473 25-Apr-2007 08:41 1,824,768 Jsproxy.dll 7.0.6000.16473 25-Apr-2007 08:41 27,648 Msfeeds.dll 7.0.6000.16473 25-Apr-2007 08:41 459,264 Msfeedsbs.dll 7.0.6000.16473 25-Apr-2007 08:41 52,224 Mshtml.dll 7.0.6000.16481 08-May-2007 09:24 3,583,488 Mshtmled.dll 7.0.6000.16473 25-Apr-2007 08:41 477,696 Msrating.dll 7.0.6000.16473 25-Apr-2007 08:41 193,024 Mstime.dll 7.0.6000.16473 25-Apr-2007 08:41 670,720 Occache.dll 7.0.6000.16473 25-Apr-2007 08:41 102,400 Url.dll 7.0.6000.16473 25-Apr-2007 08:41 105,984 Urlmon.dll 7.0.6000.16473 25-Apr-2007 08:41 1,152,000 Webcheck.dll 7.0.6000.16473 25-Apr-2007 08:41 232,960 Wininet.dll 7.0.6000.16473 25-Apr-2007 08:41 822,784 Advpack.dll 7.0.6000.20583 25-Apr-2007 09:08 124,928 Extmgr.dll 7.0.6000.20583 25-Apr-2007 09:08 132,608 Ie4uinit.exe 7.0.6000.20583 24-Apr-2007 14:20 56,832 Ieakeng.dll 7.0.6000.20583 25-Apr-2007 09:08 153,088 Ieaksie.dll 7.0.6000.20583 25-Apr-2007 09:08 230,400 Ieakui.dll 7.0.6000.20583 24-Apr-2007 08:45 161,792 Ieapfltr.dat 7.0.6011.0 17-Apr-2007 09:28 2,455,488 Ieapfltr.dll 7.0.6000.16461 25-Apr-2007 09:08 383,488 Iedkcs32.dll 17.0.6000.20583 25-Apr-2007 09:08 384,512 Ieframe.dll 7.0.6000.20583 25-Apr-2007 09:08 6,059,008 Ieframe.dll.mui 7.0.6000.16414 09-Feb-2007 13:26 991,232 Iernonce.dll 7.0.6000.20583 25-Apr-2007 09:08 44,544 Iertutil.dll 7.0.6000.20583 25-Apr-2007 09:08 267,776 Ieudinit.exe 7.0.6000.20583 24-Apr-2007 14:20 13,824 Iexplore.exe 7.0.6000.20583 24-Apr-2007 14:20 625,152 Inetcpl.cpl 7.0.6000.20583 25-Apr-2007 09:08 1,824,256 Jsproxy.dll 7.0.6000.20583 25-Apr-2007 09:08 27,648 Msfeeds.dll 7.0.6000.20583 25-Apr-2007 09:08 459,264 Msfeedsbs.dll 7.0.6000.20583 25-Apr-2007 09:08 52,224 Mshtml.dll 7.0.6000.20591 08-May-2007 09:25 3,584,000 Mshtmled.dll 7.0.6000.20583 25-Apr-2007 09:08 477,696 Msrating.dll 7.0.6000.20583 25-Apr-2007 09:08 193,024 Mstime.dll 7.0.6000.20583 25-Apr-2007 09:08 670,720 Occache.dll 7.0.6000.20583 25-Apr-2007 09:08 102,400 Url.dll 7.0.6000.20583 25-Apr-2007 09:08 105,984 Urlmon.dll 7.0.6000.20583 25-Apr-2007 09:08 1,153,536 Webcheck.dll 7.0.6000.20583 25-Apr-2007 09:08 232,960 Wininet.dll 7.0.6000.20583 25-Apr-2007 09:08 823,808 Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 6 for all supported x64 editions of Windows XP: File Name Version Date Time Size CPU Folder Browseui.dll 6.0.3790.2920 03-May-2007 20:21 1,605,120 x64 SP1GDR Danim.dll 6.3.1.148 03-May-2007 20:22 1,989,120 x64 SP1GDR Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 561,664 x64 SP1GDR Dxtrans.dll 6.3.3790.2920 03-May-2007 20:22 332,288 x64 SP1GDR Iepeers.dll 6.0.3790.2920 03-May-2007 20:22 369,664 x64 SP1GDR Jsproxy.dll 6.0.3790.2920 03-May-2007 20:22 24,064 x64 SP1GDR Mshtml.dll 6.0.3790.2920 03-May-2007 20:22 5,997,568 x64 SP1GDR Mstime.dll 6.0.3790.2920 03-May-2007 20:22 900,608 x64 SP1GDR Pngfilt.dll 5.2.3790.2920 03-May-2007 20:22 64,000 x64 SP1GDR Shdocvw.dll 6.0.3790.2920 03-May-2007 20:22 2,438,144 x64 SP1GDR Shlwapi.dll 6.0.3790.2920 03-May-2007 20:22 621,568 x64 SP1GDR Urlmon.dll 6.0.3790.2920 03-May-2007 20:22 1,085,440 x64 SP1GDR W03a2409.dll 5.2.3790.2920 03-May-2007 20:22 4,608 x64 SP1GDR Wininet.dll 6.0.3790.2920 03-May-2007 20:22 1,187,840 x64 SP1GDR Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:22 1,036,800 x86 SP1GDR\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:22 1,058,304 x86 SP1GDR\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 363,008 x86 SP1GDR\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:22 212,480 x86 SP1GDR\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:22 17,920 x86 SP1GDR\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:22 253,952 x86 SP1GDR\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:22 16,384 x86 SP1GDR\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:22 3,155,968 x86 SP1GDR\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:22 537,088 x86 SP1GDR\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:22 42,496 x86 SP1GDR\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:22 1,515,008 x86 SP1GDR\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:22 321,536 x86 SP1GDR\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:22 697,344 x86 SP1GDR\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:22 4,096 x86 SP1GDR\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:22 662,528 x86 SP1GDR\WOW Browseui.dll 6.0.3790.2920 03-May-2007 20:21 1,605,120 x64 SP1QFE Danim.dll 6.3.1.148 03-May-2007 20:21 1,989,120 x64 SP1QFE Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:21 561,664 x64 SP1QFE Dxtrans.dll 6.3.3790.2920 03-May-2007 20:21 332,288 x64 SP1QFE Iepeers.dll 6.0.3790.2920 03-May-2007 20:21 370,176 x64 SP1QFE Jsproxy.dll 6.0.3790.2920 03-May-2007 20:21 24,064 x64 SP1QFE Mshtml.dll 6.0.3790.2920 03-May-2007 20:21 6,001,664 x64 SP1QFE Mstime.dll 6.0.3790.2920 03-May-2007 20:22 900,608 x64 SP1QFE Pngfilt.dll 5.2.3790.2920 03-May-2007 20:22 64,000 x64 SP1QFE Shdocvw.dll 6.0.3790.2920 03-May-2007 20:22 2,438,656 x64 SP1QFE Shlwapi.dll 6.0.3790.2920 03-May-2007 20:22 621,568 x64 SP1QFE Urlmon.dll 6.0.3790.2920 03-May-2007 20:22 1,085,440 x64 SP1QFE W03a2409.dll 5.2.3790.2920 03-May-2007 20:22 28,160 x64 SP1QFE Wininet.dll 6.0.3790.2920 03-May-2007 20:22 1,189,888 x64 SP1QFE Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:22 1,036,800 x86 SP1QFE\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:22 1,058,304 x86 SP1QFE\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 363,008 x86 SP1QFE\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:22 212,480 x86 SP1QFE\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:22 17,920 x86 SP1QFE\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:22 253,952 x86 SP1QFE\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:22 16,384 x86 SP1QFE\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:22 3,158,528 x86 SP1QFE\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:22 537,088 x86 SP1QFE\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:22 42,496 x86 SP1QFE\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:22 1,515,520 x86 SP1QFE\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:22 321,536 x86 SP1QFE\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:22 697,344 x86 SP1QFE\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:22 27,648 x86 SP1QFE\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:22 666,112 x86 SP1QFE\WOW Mshtml.dll 6.0.3790.4064 03-May-2007 20:45 5,998,592 x64 SP2GDR Shdocvw.dll 6.0.3790.4064 03-May-2007 20:46 2,438,144 x64 SP2GDR Urlmon.dll 6.0.3790.4073 03-May-2007 20:46 1,088,000 x64 SP2GDR Wmshtml.dll 6.0.3790.4064 03-May-2007 20:46 3,131,904 x86 SP2GDR\WOW Wshdocvw.dll 6.0.3790.4064 03-May-2007 20:46 1,508,352 x86 SP2GDR\WOW Wurlmon.dll 6.0.3790.4073 03-May-2007 20:46 697,856 x86 SP2GDR\WOW Mshtml.dll 6.0.3790.4064 04-May-2007 05:55 6,000,128 x64 SP2QFE Shdocvw.dll 6.0.3790.4064 04-May-2007 05:55 2,438,656 x64 SP2QFE Urlmon.dll 6.0.3790.4073 04-May-2007 05:55 1,088,000 x64 SP2QFE Wmshtml.dll 6.0.3790.4064 04-May-2007 05:55 3,132,416 x86 SP2QFE\WOW Wshdocvw.dll 6.0.3790.4064 04-May-2007 05:55 1,508,352 x86 SP2QFE\WOW Wurlmon.dll 6.0.3790.4073 04-May-2007 05:55 697,856 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 for all supported x64 editions of Windows XP: File Name Version Date Time Size CPU Folder Advpack.dll 7.0.6000.16473 07-May-2007 23:27 161,280 x64 SP2GDR Extmgr.dll 7.0.6000.16473 07-May-2007 23:27 188,416 x64 SP2GDR Ie4uinit.exe 7.0.6000.16473 07-May-2007 23:27 68,608 x64 SP2GDR Ieakeng.dll 7.0.6000.16473 07-May-2007 23:27 196,096 x64 SP2GDR Ieaksie.dll 7.0.6000.16473 07-May-2007 23:27 267,776 x64 SP2GDR Ieakui.dll 7.0.6000.16473 07-May-2007 23:27 161,792 x64 SP2GDR Ieapfltr.dat 7.0.6011.0 07-May-2007 23:27 2,455,488 x64 SP2GDR Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:27 424,448 x64 SP2GDR Iedkcs32.dll 17.0.6000.16473 07-May-2007 23:27 468,480 x64 SP2GDR Ieframe.dll 7.0.6000.16473 07-May-2007 23:28 7,058,944 x64 SP2GDR Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:28 983,552 x64 SP2GDR Iernonce.dll 7.0.6000.16473 07-May-2007 23:28 57,344 x64 SP2GDR Iertutil.dll 7.0.6000.16473 07-May-2007 23:28 355,840 x64 SP2GDR Ieudinit.exe 7.0.6000.16473 07-May-2007 23:28 13,824 x64 SP2GDR Iexplore.exe 7.0.6000.16473 07-May-2007 23:28 679,424 x64 SP2GDR Inetcpl.cpl 7.0.6000.16473 07-May-2007 23:28 2,025,472 x64 SP2GDR Jsproxy.dll 7.0.6000.16473 07-May-2007 23:28 32,256 x64 SP2GDR Msfeeds.dll 7.0.6000.16473 07-May-2007 23:28 553,984 x64 SP2GDR Msfeedsbs.dll 7.0.6000.16473 07-May-2007 23:28 75,264 x64 SP2GDR Mshtml.dll 7.0.6000.16481 07-May-2007 23:28 5,668,352 x64 SP2GDR Mshtmled.dll 7.0.6000.16473 07-May-2007 23:28 758,784 x64 SP2GDR Msrating.dll 7.0.6000.16473 07-May-2007 23:29 242,176 x64 SP2GDR Mstime.dll 7.0.6000.16473 07-May-2007 23:29 1,129,472 x64 SP2GDR Occache.dll 7.0.6000.16473 07-May-2007 23:29 151,040 x64 SP2GDR Url.dll 7.0.6000.16473 07-May-2007 23:29 108,544 x64 SP2GDR Urlmon.dll 7.0.6000.16473 07-May-2007 23:29 1,418,752 x64 SP2GDR Webcheck.dll 7.0.6000.16473 07-May-2007 23:29 295,424 x64 SP2GDR Wininet.dll 7.0.6000.16473 07-May-2007 23:29 1,019,392 x64 SP2GDR Wadvpack.dll 7.0.6000.16473 07-May-2007 23:31 124,928 x86 SP2GDR\WOW Wextmgr.dll 7.0.6000.16473 07-May-2007 23:31 132,608 x86 SP2GDR\WOW Wie4uinit.exe 7.0.6000.16473 07-May-2007 23:31 56,832 x86 SP2GDR\WOW Wieakeng.dll 7.0.6000.16473 07-May-2007 23:31 153,088 x86 SP2GDR\WOW Wieaksie.dll 7.0.6000.16473 07-May-2007 23:31 230,400 x86 SP2GDR\WOW Wieakui.dll 7.0.6000.16473 07-May-2007 23:31 161,792 x86 SP2GDR\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:31 2,455,488 x64 SP2GDR\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:31 383,488 x86 SP2GDR\WOW Wiedkcs32.dll 17.0.6000.16473 07-May-2007 23:31 384,512 x86 SP2GDR\WOW Wieframe.dll 7.0.6000.16473 07-May-2007 23:31 6,058,496 x86 SP2GDR\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:31 991,232 x64 SP2GDR\WOW Wiernonce.dll 7.0.6000.16473 07-May-2007 23:31 44,544 x86 SP2GDR\WOW Wiertutil.dll 7.0.6000.16473 07-May-2007 23:31 267,776 x86 SP2GDR\WOW Wieudinit.exe 7.0.6000.16473 07-May-2007 23:31 13,824 x86 SP2GDR\WOW Wiexplore.exe 7.0.6000.16473 07-May-2007 23:31 625,152 x86 SP2GDR\WOW Winetcpl.cpl 7.0.6000.16473 07-May-2007 23:31 1,824,768 x64 SP2GDR\WOW Wjsproxy.dll 7.0.6000.16473 07-May-2007 23:31 27,648 x86 SP2GDR\WOW Wmsfeeds.dll 7.0.6000.16473 07-May-2007 23:31 459,264 x86 SP2GDR\WOW Wmsfeedsbs.dll 7.0.6000.16473 07-May-2007 23:31 52,224 x86 SP2GDR\WOW Wmshtml.dll 7.0.6000.16481 07-May-2007 23:31 3,583,488 x86 SP2GDR\WOW Wmshtmled.dll 7.0.6000.16473 07-May-2007 23:31 477,696 x86 SP2GDR\WOW Wmsrating.dll 7.0.6000.16473 07-May-2007 23:31 193,024 x86 SP2GDR\WOW Wmstime.dll 7.0.6000.16473 07-May-2007 23:31 670,720 x86 SP2GDR\WOW Woccache.dll 7.0.6000.16473 07-May-2007 23:31 102,400 x86 SP2GDR\WOW Wurl.dll 7.0.6000.16473 07-May-2007 23:31 105,984 x86 SP2GDR\WOW Wurlmon.dll 7.0.6000.16473 07-May-2007 23:31 1,152,000 x86 SP2GDR\WOW Wwebcheck.dll 7.0.6000.16473 07-May-2007 23:31 232,960 x86 SP2GDR\WOW Wwininet.dll 7.0.6000.16473 07-May-2007 23:31 822,784 x86 SP2GDR\WOW Advpack.dll 7.0.6000.20583 07-May-2007 23:06 161,280 x64 SP2QFE Extmgr.dll 7.0.6000.20583 07-May-2007 23:06 188,416 x64 SP2QFE Ie4uinit.exe 7.0.6000.20583 07-May-2007 23:06 68,608 x64 SP2QFE Ieakeng.dll 7.0.6000.20583 07-May-2007 23:06 195,584 x64 SP2QFE Ieaksie.dll 7.0.6000.20583 07-May-2007 23:06 267,264 x64 SP2QFE Ieakui.dll 7.0.6000.20583 07-May-2007 23:06 161,792 x64 SP2QFE Ieapfltr.dat 7.0.6011.0 07-May-2007 23:06 2,455,488 x64 SP2QFE Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:06 424,448 x64 SP2QFE Iedkcs32.dll 17.0.6000.20583 07-May-2007 23:06 468,480 x64 SP2QFE Ieframe.dll 7.0.6000.20583 07-May-2007 23:06 7,059,968 x64 SP2QFE Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:07 983,552 x64 SP2QFE Iernonce.dll 7.0.6000.20583 07-May-2007 23:07 57,344 x64 SP2QFE Iertutil.dll 7.0.6000.20583 07-May-2007 23:07 355,840 x64 SP2QFE Ieudinit.exe 7.0.6000.20583 07-May-2007 23:07 13,824 x64 SP2QFE Iexplore.exe 7.0.6000.20583 07-May-2007 23:07 679,424 x64 SP2QFE Inetcpl.cpl 7.0.6000.20583 07-May-2007 23:07 2,025,472 x64 SP2QFE Jsproxy.dll 7.0.6000.20583 07-May-2007 23:07 32,256 x64 SP2QFE Msfeeds.dll 7.0.6000.20583 07-May-2007 23:07 553,984 x64 SP2QFE Msfeedsbs.dll 7.0.6000.20583 07-May-2007 23:07 75,264 x64 SP2QFE Mshtml.dll 7.0.6000.20591 07-May-2007 23:07 5,669,888 x64 SP2QFE Mshtmled.dll 7.0.6000.20583 07-May-2007 23:08 758,784 x64 SP2QFE Msrating.dll 7.0.6000.20583 07-May-2007 23:08 242,176 x64 SP2QFE Mstime.dll 7.0.6000.20583 07-May-2007 23:08 1,129,472 x64 SP2QFE Occache.dll 7.0.6000.20583 07-May-2007 23:08 151,040 x64 SP2QFE Url.dll 7.0.6000.20583 07-May-2007 23:08 108,544 x64 SP2QFE Urlmon.dll 7.0.6000.20583 07-May-2007 23:09 1,420,800 x64 SP2QFE Webcheck.dll 7.0.6000.20583 07-May-2007 23:09 295,424 x64 SP2QFE Wininet.dll 7.0.6000.20583 07-May-2007 23:09 1,020,928 x64 SP2QFE Wadvpack.dll 7.0.6000.20583 07-May-2007 23:13 124,928 x86 SP2QFE\WOW Wextmgr.dll 7.0.6000.20583 07-May-2007 23:13 132,608 x86 SP2QFE\WOW Wie4uinit.exe 7.0.6000.20583 07-May-2007 23:13 56,832 x86 SP2QFE\WOW Wieakeng.dll 7.0.6000.20583 07-May-2007 23:13 153,088 x86 SP2QFE\WOW Wieaksie.dll 7.0.6000.20583 07-May-2007 23:13 230,400 x86 SP2QFE\WOW Wieakui.dll 7.0.6000.20583 07-May-2007 23:13 161,792 x86 SP2QFE\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:13 2,455,488 x64 SP2QFE\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:13 383,488 x86 SP2QFE\WOW Wiedkcs32.dll 17.0.6000.20583 07-May-2007 23:13 384,512 x86 SP2QFE\WOW Wieframe.dll 7.0.6000.20583 07-May-2007 23:13 6,059,008 x86 SP2QFE\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:13 991,232 x64 SP2QFE\WOW Wiernonce.dll 7.0.6000.20583 07-May-2007 23:13 44,544 x86 SP2QFE\WOW Wiertutil.dll 7.0.6000.20583 07-May-2007 23:13 267,776 x86 SP2QFE\WOW Wieudinit.exe 7.0.6000.20583 07-May-2007 23:13 13,824 x86 SP2QFE\WOW Wiexplore.exe 7.0.6000.20583 07-May-2007 23:13 625,152 x86 SP2QFE\WOW Winetcpl.cpl 7.0.6000.20583 07-May-2007 23:13 1,824,256 x64 SP2QFE\WOW Wjsproxy.dll 7.0.6000.20583 07-May-2007 23:13 27,648 x86 SP2QFE\WOW Wmsfeeds.dll 7.0.6000.20583 07-May-2007 23:13 459,264 x86 SP2QFE\WOW Wmsfeedsbs.dll 7.0.6000.20583 07-May-2007 23:13 52,224 x86 SP2QFE\WOW Wmshtml.dll 7.0.6000.20591 07-May-2007 23:13 3,584,000 x86 SP2QFE\WOW Wmshtmled.dll 7.0.6000.20583 07-May-2007 23:13 477,696 x86 SP2QFE\WOW Wmsrating.dll 7.0.6000.20583 07-May-2007 23:13 193,024 x86 SP2QFE\WOW Wmstime.dll 7.0.6000.20583 07-May-2007 23:13 670,720 x86 SP2QFE\WOW Woccache.dll 7.0.6000.20583 07-May-2007 23:13 102,400 x86 SP2QFE\WOW Wurl.dll 7.0.6000.20583 07-May-2007 23:13 105,984 x86 SP2QFE\WOW Wurlmon.dll 7.0.6000.20583 07-May-2007 23:13 1,153,536 x86 SP2QFE\WOW Wwebcheck.dll 7.0.6000.20583 07-May-2007 23:13 232,960 x86 SP2QFE\WOW Wwininet.dll 7.0.6000.20583 07-May-2007 23:13 823,808 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. Top of section Deployment Information Installing the Update When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994. For more information about the installer, visit the Microsoft TechNet Web site. For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684. This security update supports the following setup switches. Supported Security Update Installation Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /overwriteoem Overwrites OEM files without prompting /nobackup Does not back up files needed for uninstall /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files /integrate:path Integrates the update into the Windows source files. These files are located at the path that is specified in the switch. /extract[:path] Extracts files without starting the Setup program /ER Enables extended error reporting /verbose Enables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly. Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Removing the Update This security update supports the following setup switches. Supported Spuninst.exe Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files Verifying That the Update Has Been Applied • Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. • File Version Verification Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps. 1. Click Start, and then click Search. 2. In the Search Results pane, click All files and folders under Search Companion. 3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search. 4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties. Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed. 5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table. Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation. • Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section. These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files. Top of section Top of section Windows Server 2003 (all editions) Reference Table The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section. Inclusion in Future Service Packs The update for this issue will be included in a future service pack or update rollup Deployment Installing without user intervention Internet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: Windowsserver2003-kb933566-x86-enu /quiet Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: IE7-KB933566-WindowsServer2003-x86-enu /quiet Installing without restarting Internet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: Windowsserver2003-kb933566-x86-enu /norestart Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: IE7-KB933566-WindowsServer2003-x86-enu /norestart Update log file KB933566.log Further information See the subsection, Detection and Deployment Tools and Guidance Restart Requirement Restart required Yes, you must restart your system after you apply this security update Hotpatching This security update does not support HotPatching. For more information about HotPatching see Microsoft Knowledge Base Article 897341. Removal Information Internet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the Use the Spuninst.exe utility, located in the %Windir%\$NTUninstallKB933566$\Spuninst folder Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\ie7updates\KB933566-IE7\spuninst folder File Information See the subection, File Information, below or Microsoft Knowledge Base Article 933566 for the full file manifest Registry Key Verification Internet Explorer 6 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB933566\Filelist Internet Explorer 7 for all supported 32-bit editions, x64 editions, and Itanium-based editions of Windows Server 2003: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP0\KB933566-IE7\Filelist File Information The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. For Internet Explorer 6 for all supported 32-bit editions of Windows Server 2003: File Name Version Date Time Size Folder Browseui.dll 6.0.3790.2920 20-Apr-2007 17:13 1,036,800 SP1GDR Danim.dll 6.3.1.148 20-Apr-2007 17:13 1,058,304 SP1GDR Dxtmsft.dll 6.3.3790.2920 20-Apr-2007 17:13 363,008 SP1GDR Dxtrans.dll 6.3.3790.2920 20-Apr-2007 17:13 212,480 SP1GDR Iedw.exe 5.2.3790.2920 19-Apr-2007 11:05 17,920 SP1GDR Iepeers.dll 6.0.3790.2920 20-Apr-2007 17:13 253,952 SP1GDR Jsproxy.dll 6.0.3790.2920 20-Apr-2007 17:13 16,384 SP1GDR Mshtml.dll 6.0.3790.2920 20-Apr-2007 17:13 3,155,968 SP1GDR Mstime.dll 6.0.3790.2920 20-Apr-2007 17:13 537,088 SP1GDR Pngfilt.dll 5.2.3790.2920 20-Apr-2007 17:13 42,496 SP1GDR Shdocvw.dll 6.0.3790.2920 20-Apr-2007 17:13 1,515,008 SP1GDR Shlwapi.dll 6.0.3790.2920 20-Apr-2007 17:13 321,536 SP1GDR Urlmon.dll 6.0.3790.2920 20-Apr-2007 17:13 697,344 SP1GDR W03a2409.dll 5.2.3790.2920 19-Apr-2007 10:48 4,096 SP1GDR Wininet.dll 6.0.3790.2920 20-Apr-2007 17:13 662,528 SP1GDR Browseui.dll 6.0.3790.2920 20-Apr-2007 17:17 1,036,800 SP1QFE Danim.dll 6.3.1.148 20-Apr-2007 17:17 1,058,304 SP1QFE Dxtmsft.dll 6.3.3790.2920 20-Apr-2007 17:17 363,008 SP1QFE Dxtrans.dll 6.3.3790.2920 20-Apr-2007 17:17 212,480 SP1QFE Iedw.exe 5.2.3790.2920 19-Apr-2007 11:33 17,920 SP1QFE Iepeers.dll 6.0.3790.2920 20-Apr-2007 17:17 253,952 SP1QFE Jsproxy.dll 6.0.3790.2920 20-Apr-2007 17:17 16,384 SP1QFE Mshtml.dll 6.0.3790.2920 20-Apr-2007 17:17 3,158,528 SP1QFE Mstime.dll 6.0.3790.2920 20-Apr-2007 17:17 537,088 SP1QFE Pngfilt.dll 5.2.3790.2920 20-Apr-2007 17:17 42,496 SP1QFE Shdocvw.dll 6.0.3790.2920 20-Apr-2007 17:17 1,515,520 SP1QFE Shlwapi.dll 6.0.3790.2920 20-Apr-2007 17:17 321,536 SP1QFE Urlmon.dll 6.0.3790.2920 20-Apr-2007 17:17 697,344 SP1QFE W03a2409.dll 5.2.3790.2920 19-Apr-2007 11:02 27,648 SP1QFE Wininet.dll 6.0.3790.2920 20-Apr-2007 17:17 666,112 SP1QFE Mshtml.dll 6.0.3790.4064 20-Apr-2007 17:01 3,131,904 SP2GDR Shdocvw.dll 6.0.3790.4064 20-Apr-2007 17:01 1,508,352 SP2GDR Urlmon.dll 6.0.3790.4073 03-May-2007 16:23 697,856 SP2GDR Mshtml.dll 6.0.3790.4064 20-Apr-2007 17:07 3,132,416 SP2QFE Shdocvw.dll 6.0.3790.4064 03-May-2007 17:56 1,508,352 SP2QFE Urlmon.dll 6.0.3790.4073 03-May-2007 17:10 697,856 SP2QFE Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 for all supported 32-bit editions of Windows Server 2003: File Name Version Date Time Size Advpack.dll 7.0.6000.16473 25-Apr-2007 12:06 124,928 Extmgr.dll 7.0.6000.16473 25-Apr-2007 12:06 132,608 Ie4uinit.exe 7.0.6000.16473 25-Apr-2007 07:00 56,832 Ieakeng.dll 7.0.6000.16473 25-Apr-2007 12:06 153,088 Ieaksie.dll 7.0.6000.16473 25-Apr-2007 12:06 230,400 Ieakui.dll 7.0.6000.16473 24-Apr-2007 10:54 161,792 Ieapfltr.dat 7.0.6011.0 17-Apr-2007 09:43 2,455,488 Ieapfltr.dll 7.0.6000.16461 25-Apr-2007 12:06 383,488 Iedkcs32.dll 17.0.6000.16473 25-Apr-2007 12:06 384,512 Ieframe.dll 7.0.6000.16473 25-Apr-2007 12:06 6,058,496 Ieframe.dll.mui 7.0.6000.16414 20-Feb-2007 06:33 991,232 Iernonce.dll 7.0.6000.16473 25-Apr-2007 12:06 44,544 Iertutil.dll 7.0.6000.16473 25-Apr-2007 12:06 267,776 Ieudinit.exe 7.0.6000.16473 25-Apr-2007 07:00 13,824 Iexplore.exe 7.0.6000.16473 25-Apr-2007 07:01 625,152 Inetcpl.cpl 7.0.6000.16473 25-Apr-2007 12:06 1,824,768 Jsproxy.dll 7.0.6000.16473 25-Apr-2007 12:06 27,648 Msfeeds.dll 7.0.6000.16473 25-Apr-2007 12:06 459,264 Msfeedsbs.dll 7.0.6000.16473 25-Apr-2007 12:06 52,224 Mshtml.dll 7.0.6000.16481 07-May-2007 18:58 3,583,488 Mshtmled.dll 7.0.6000.16473 25-Apr-2007 12:06 477,696 Msrating.dll 7.0.6000.16473 25-Apr-2007 12:06 193,024 Mstime.dll 7.0.6000.16473 25-Apr-2007 12:06 670,720 Occache.dll 7.0.6000.16473 25-Apr-2007 12:06 102,400 Url.dll 7.0.6000.16473 25-Apr-2007 12:06 105,984 Urlmon.dll 7.0.6000.16473 25-Apr-2007 12:06 1,152,000 Webcheck.dll 7.0.6000.16473 25-Apr-2007 12:06 232,960 Wininet.dll 7.0.6000.16473 25-Apr-2007 12:06 822,784 Advpack.dll 7.0.6000.20583 25-Apr-2007 11:28 124,928 Extmgr.dll 7.0.6000.20583 25-Apr-2007 11:28 132,608 Ie4uinit.exe 7.0.6000.20583 24-Apr-2007 10:47 56,832 Ieakeng.dll 7.0.6000.20583 25-Apr-2007 11:28 153,088 Ieaksie.dll 7.0.6000.20583 25-Apr-2007 11:28 230,400 Ieakui.dll 7.0.6000.20583 24-Apr-2007 09:09 161,792 Ieapfltr.dat 7.0.6011.0 17-Apr-2007 09:43 2,455,488 Ieapfltr.dll 7.0.6000.16461 25-Apr-2007 11:28 383,488 Iedkcs32.dll 17.0.6000.20583 25-Apr-2007 11:28 384,512 Ieframe.dll 7.0.6000.20583 25-Apr-2007 11:28 6,059,008 Ieframe.dll.mui 7.0.6000.16414 20-Feb-2007 06:33 991,232 Iernonce.dll 7.0.6000.20583 25-Apr-2007 11:28 44,544 Iertutil.dll 7.0.6000.20583 25-Apr-2007 11:28 267,776 Ieudinit.exe 7.0.6000.20583 24-Apr-2007 10:47 13,824 Iexplore.exe 7.0.6000.20583 24-Apr-2007 10:47 625,152 Inetcpl.cpl 7.0.6000.20583 25-Apr-2007 11:28 1,824,256 Jsproxy.dll 7.0.6000.20583 25-Apr-2007 11:28 27,648 Msfeeds.dll 7.0.6000.20583 25-Apr-2007 11:28 459,264 Msfeedsbs.dll 7.0.6000.20583 25-Apr-2007 11:28 52,224 Mshtml.dll 7.0.6000.20591 07-May-2007 19:37 3,584,000 Mshtmled.dll 7.0.6000.20583 25-Apr-2007 11:28 477,696 Msrating.dll 7.0.6000.20583 25-Apr-2007 11:28 193,024 Mstime.dll 7.0.6000.20583 25-Apr-2007 11:28 670,720 Occache.dll 7.0.6000.20583 25-Apr-2007 11:28 102,400 Url.dll 7.0.6000.20583 25-Apr-2007 11:28 105,984 Urlmon.dll 7.0.6000.20583 25-Apr-2007 11:28 1,153,536 Webcheck.dll 7.0.6000.20583 25-Apr-2007 11:28 232,960 Wininet.dll 7.0.6000.20583 25-Apr-2007 11:28 823,808 Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 6 for all supported Itanium-based editions of Windows Server 2003: File Name Version Date Time Size CPU Folder Browseui.dll 6.0.3790.2920 03-May-2007 20:18 2,542,080 IA-64 SP1GDR Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:18 1,009,152 IA-64 SP1GDR Dxtrans.dll 6.3.3790.2920 03-May-2007 20:18 640,512 IA-64 SP1GDR Iepeers.dll 6.0.3790.2920 03-May-2007 20:18 717,312 IA-64 SP1GDR Jsproxy.dll 6.0.3790.2920 03-May-2007 20:18 45,568 IA-64 SP1GDR Mshtml.dll 6.0.3790.2920 03-May-2007 20:18 9,365,504 IA-64 SP1GDR Mstime.dll 6.0.3790.2920 03-May-2007 20:19 1,845,760 IA-64 SP1GDR Pngfilt.dll 5.2.3790.2920 03-May-2007 20:19 116,736 IA-64 SP1GDR Shdocvw.dll 6.0.3790.2920 03-May-2007 20:19 3,678,720 IA-64 SP1GDR Shlwapi.dll 6.0.3790.2920 03-May-2007 20:19 823,296 IA-64 SP1GDR Urlmon.dll 6.0.3790.2920 03-May-2007 20:19 1,615,872 IA-64 SP1GDR W03a2409.dll 5.2.3790.2920 03-May-2007 20:19 3,072 IA-64 SP1GDR Wininet.dll 6.0.3790.2920 03-May-2007 20:19 1,695,744 IA-64 SP1GDR Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:19 1,036,800 x86 SP1GDR\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:19 1,058,304 x86 SP1GDR\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:19 363,008 x86 SP1GDR\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:19 212,480 x86 SP1GDR\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:19 17,920 x86 SP1GDR\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:19 253,952 x86 SP1GDR\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:19 16,384 x86 SP1GDR\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:19 3,155,968 x86 SP1GDR\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:19 537,088 x86 SP1GDR\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:19 42,496 x86 SP1GDR\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:19 1,515,008 x86 SP1GDR\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:19 321,536 x86 SP1GDR\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:19 697,344 x86 SP1GDR\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:19 4,096 x86 SP1GDR\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:19 662,528 x86 SP1GDR\WOW Browseui.dll 6.0.3790.2920 03-May-2007 20:18 2,541,568 IA-64 SP1QFE Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:18 1,009,152 IA-64 SP1QFE Dxtrans.dll 6.3.3790.2920 03-May-2007 20:18 640,512 IA-64 SP1QFE Iepeers.dll 6.0.3790.2920 03-May-2007 20:18 717,824 IA-64 SP1QFE Jsproxy.dll 6.0.3790.2920 03-May-2007 20:18 45,568 IA-64 SP1QFE Mshtml.dll 6.0.3790.2920 03-May-2007 20:18 9,371,648 IA-64 SP1QFE Mstime.dll 6.0.3790.2920 03-May-2007 20:19 1,845,760 IA-64 SP1QFE Pngfilt.dll 5.2.3790.2920 03-May-2007 20:19 116,736 IA-64 SP1QFE Shdocvw.dll 6.0.3790.2920 03-May-2007 20:19 3,680,256 IA-64 SP1QFE Shlwapi.dll 6.0.3790.2920 03-May-2007 20:19 823,296 IA-64 SP1QFE Urlmon.dll 6.0.3790.2920 03-May-2007 20:19 1,616,384 IA-64 SP1QFE W03a2409.dll 5.2.3790.2920 03-May-2007 20:19 26,624 IA-64 SP1QFE Wininet.dll 6.0.3790.2920 03-May-2007 20:19 1,701,376 IA-64 SP1QFE Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:19 1,036,800 x86 SP1QFE\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:19 1,058,304 x86 SP1QFE\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:19 363,008 x86 SP1QFE\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:19 212,480 x86 SP1QFE\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:19 17,920 x86 SP1QFE\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:19 253,952 x86 SP1QFE\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:19 16,384 x86 SP1QFE\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:19 3,158,528 x86 SP1QFE\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:19 537,088 x86 SP1QFE\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:19 42,496 x86 SP1QFE\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:19 1,515,520 x86 SP1QFE\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:19 321,536 x86 SP1QFE\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:19 697,344 x86 SP1QFE\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:19 27,648 x86 SP1QFE\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:19 666,112 x86 SP1QFE\WOW Mshtml.dll 6.0.3790.4064 03-May-2007 20:41 9,371,136 IA-64 SP2GDR Shdocvw.dll 6.0.3790.4064 03-May-2007 20:41 3,679,232 IA-64 SP2GDR Urlmon.dll 6.0.3790.4073 03-May-2007 20:41 1,618,944 IA-64 SP2GDR Wmshtml.dll 6.0.3790.4064 03-May-2007 20:42 3,131,904 x86 SP2GDR\WOW Wshdocvw.dll 6.0.3790.4064 03-May-2007 20:42 1,508,352 x86 SP2GDR\WOW Wurlmon.dll 6.0.3790.4073 03-May-2007 20:42 697,856 x86 SP2GDR\WOW Mshtml.dll 6.0.3790.4064 03-May-2007 20:18 9,373,184 IA-64 SP2QFE Shdocvw.dll 6.0.3790.4064 03-May-2007 20:18 3,679,744 IA-64 SP2QFE Urlmon.dll 6.0.3790.4073 03-May-2007 20:18 1,618,944 IA-64 SP2QFE Wmshtml.dll 6.0.3790.4064 03-May-2007 20:18 3,132,416 x86 SP2QFE\WOW Wshdocvw.dll 6.0.3790.4064 03-May-2007 20:18 1,508,352 x86 SP2QFE\WOW Wurlmon.dll 6.0.3790.4073 03-May-2007 20:18 697,856 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 for all supported Itanium-based editions of Windows Server 2003: File Name Version Date Time Size CPU Folder Advpack.dll 7.0.6000.16473 07-May-2007 23:17 283,136 IA-64 SP2GDR Extmgr.dll 7.0.6000.16473 07-May-2007 23:17 309,760 IA-64 SP2GDR Ie4uinit.exe 7.0.6000.16473 07-May-2007 23:17 110,080 IA-64 SP2GDR Ieakeng.dll 7.0.6000.16473 07-May-2007 23:17 385,536 IA-64 SP2GDR Ieaksie.dll 7.0.6000.16473 07-May-2007 23:17 503,808 IA-64 SP2GDR Ieakui.dll 7.0.6000.16473 07-May-2007 23:17 161,792 IA-64 SP2GDR Ieapfltr.dat 7.0.6011.0 07-May-2007 23:17 2,455,488 SP2GDR Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:17 1,075,712 IA-64 SP2GDR Iedkcs32.dll 17.0.6000.16473 07-May-2007 23:17 748,032 IA-64 SP2GDR Ieframe.dll 7.0.6000.16473 07-May-2007 23:17 11,550,208 IA-64 SP2GDR Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:17 980,992 SP2GDR Iernonce.dll 7.0.6000.16473 07-May-2007 23:17 99,840 IA-64 SP2GDR Iertutil.dll 7.0.6000.16473 07-May-2007 23:17 540,160 IA-64 SP2GDR Ieudinit.exe 7.0.6000.16473 07-May-2007 23:17 30,720 IA-64 SP2GDR Iexplore.exe 7.0.6000.16473 07-May-2007 23:17 751,104 IA-64 SP2GDR Inetcpl.cpl 7.0.6000.16473 07-May-2007 23:17 2,387,456 SP2GDR Jsproxy.dll 7.0.6000.16473 07-May-2007 23:17 82,432 IA-64 SP2GDR Msfeeds.dll 7.0.6000.16473 07-May-2007 23:17 958,464 IA-64 SP2GDR Msfeedsbs.dll 7.0.6000.16473 07-May-2007 23:17 136,704 IA-64 SP2GDR Mshtml.dll 7.0.6000.16481 07-May-2007 23:17 9,971,200 IA-64 SP2GDR Mshtmled.dll 7.0.6000.16473 07-May-2007 23:18 1,518,592 IA-64 SP2GDR Msrating.dll 7.0.6000.16473 07-May-2007 23:18 479,232 IA-64 SP2GDR Mstime.dll 7.0.6000.16473 07-May-2007 23:18 2,229,760 IA-64 SP2GDR Occache.dll 7.0.6000.16473 07-May-2007 23:18 261,120 IA-64 SP2GDR Url.dll 7.0.6000.16473 07-May-2007 23:18 130,048 IA-64 SP2GDR Urlmon.dll 7.0.6000.16473 07-May-2007 23:18 2,525,696 IA-64 SP2GDR Webcheck.dll 7.0.6000.16473 07-May-2007 23:18 638,976 IA-64 SP2GDR Wininet.dll 7.0.6000.16473 07-May-2007 23:18 1,858,560 IA-64 SP2GDR Wadvpack.dll 7.0.6000.16473 07-May-2007 23:18 124,928 x86 SP2GDR\WOW Wextmgr.dll 7.0.6000.16473 07-May-2007 23:18 132,608 x86 SP2GDR\WOW Wie4uinit.exe 7.0.6000.16473 07-May-2007 23:18 56,832 x86 SP2GDR\WOW Wieakeng.dll 7.0.6000.16473 07-May-2007 23:18 153,088 x86 SP2GDR\WOW Wieaksie.dll 7.0.6000.16473 07-May-2007 23:18 230,400 x86 SP2GDR\WOW Wieakui.dll 7.0.6000.16473 07-May-2007 23:18 161,792 x86 SP2GDR\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:18 2,455,488 SP2GDR\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:18 383,488 x86 SP2GDR\WOW Wiedkcs32.dll 17.0.6000.16473 07-May-2007 23:18 384,512 x86 SP2GDR\WOW Wieframe.dll 7.0.6000.16473 07-May-2007 23:18 6,058,496 x86 SP2GDR\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:18 991,232 SP2GDR\WOW Wiernonce.dll 7.0.6000.16473 07-May-2007 23:18 44,544 x86 SP2GDR\WOW Wiertutil.dll 7.0.6000.16473 07-May-2007 23:18 267,776 x86 SP2GDR\WOW Wieudinit.exe 7.0.6000.16473 07-May-2007 23:18 13,824 x86 SP2GDR\WOW Wiexplore.exe 7.0.6000.16473 07-May-2007 23:18 625,152 x86 SP2GDR\WOW Winetcpl.cpl 7.0.6000.16473 07-May-2007 23:18 1,824,768 SP2GDR\WOW Wjsproxy.dll 7.0.6000.16473 07-May-2007 23:18 27,648 x86 SP2GDR\WOW Wmsfeeds.dll 7.0.6000.16473 07-May-2007 23:18 459,264 x86 SP2GDR\WOW Wmsfeedsbs.dll 7.0.6000.16473 07-May-2007 23:18 52,224 x86 SP2GDR\WOW Wmshtml.dll 7.0.6000.16481 07-May-2007 23:18 3,583,488 x86 SP2GDR\WOW Wmshtmled.dll 7.0.6000.16473 07-May-2007 23:18 477,696 x86 SP2GDR\WOW Wmsrating.dll 7.0.6000.16473 07-May-2007 23:18 193,024 x86 SP2GDR\WOW Wmstime.dll 7.0.6000.16473 07-May-2007 23:18 670,720 x86 SP2GDR\WOW Woccache.dll 7.0.6000.16473 07-May-2007 23:18 102,400 x86 SP2GDR\WOW Wurl.dll 7.0.6000.16473 07-May-2007 23:18 105,984 x86 SP2GDR\WOW Wurlmon.dll 7.0.6000.16473 07-May-2007 23:18 1,152,000 x86 SP2GDR\WOW Wwebcheck.dll 7.0.6000.16473 07-May-2007 23:18 232,960 x86 SP2GDR\WOW Wwininet.dll 7.0.6000.16473 07-May-2007 23:18 822,784 x86 SP2GDR\WOW Advpack.dll 7.0.6000.20583 07-May-2007 23:06 283,136 IA-64 SP2QFE Extmgr.dll 7.0.6000.20583 07-May-2007 23:06 309,760 IA-64 SP2QFE Ie4uinit.exe 7.0.6000.20583 07-May-2007 23:06 110,080 IA-64 SP2QFE Ieakeng.dll 7.0.6000.20583 07-May-2007 23:06 385,536 IA-64 SP2QFE Ieaksie.dll 7.0.6000.20583 07-May-2007 23:06 503,808 IA-64 SP2QFE Ieakui.dll 7.0.6000.20583 07-May-2007 23:06 161,792 IA-64 SP2QFE Ieapfltr.dat 7.0.6011.0 07-May-2007 23:06 2,455,488 SP2QFE Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:06 1,075,712 IA-64 SP2QFE Iedkcs32.dll 17.0.6000.20583 07-May-2007 23:06 748,032 IA-64 SP2QFE Ieframe.dll 7.0.6000.20583 07-May-2007 23:07 11,550,208 IA-64 SP2QFE Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:07 980,992 SP2QFE Iernonce.dll 7.0.6000.20583 07-May-2007 23:07 99,840 IA-64 SP2QFE Iertutil.dll 7.0.6000.20583 07-May-2007 23:07 540,160 IA-64 SP2QFE Ieudinit.exe 7.0.6000.20583 07-May-2007 23:07 30,720 IA-64 SP2QFE Iexplore.exe 7.0.6000.20583 07-May-2007 23:07 751,104 IA-64 SP2QFE Inetcpl.cpl 7.0.6000.20583 07-May-2007 23:07 2,387,456 SP2QFE Jsproxy.dll 7.0.6000.20583 07-May-2007 23:07 82,432 IA-64 SP2QFE Msfeeds.dll 7.0.6000.20583 07-May-2007 23:07 958,464 IA-64 SP2QFE Msfeedsbs.dll 7.0.6000.20583 07-May-2007 23:07 136,704 IA-64 SP2QFE Mshtml.dll 7.0.6000.20591 07-May-2007 23:07 9,972,736 IA-64 SP2QFE Mshtmled.dll 7.0.6000.20583 07-May-2007 23:08 1,518,592 IA-64 SP2QFE Msrating.dll 7.0.6000.20583 07-May-2007 23:08 479,232 IA-64 SP2QFE Mstime.dll 7.0.6000.20583 07-May-2007 23:08 2,229,760 IA-64 SP2QFE Occache.dll 7.0.6000.20583 07-May-2007 23:08 261,120 IA-64 SP2QFE Url.dll 7.0.6000.20583 07-May-2007 23:08 130,048 IA-64 SP2QFE Urlmon.dll 7.0.6000.20583 07-May-2007 23:08 2,529,280 IA-64 SP2QFE Webcheck.dll 7.0.6000.20583 07-May-2007 23:08 638,976 IA-64 SP2QFE Wininet.dll 7.0.6000.20583 07-May-2007 23:08 1,859,584 IA-64 SP2QFE Wadvpack.dll 7.0.6000.20583 07-May-2007 23:11 124,928 x86 SP2QFE\WOW Wextmgr.dll 7.0.6000.20583 07-May-2007 23:11 132,608 x86 SP2QFE\WOW Wie4uinit.exe 7.0.6000.20583 07-May-2007 23:11 56,832 x86 SP2QFE\WOW Wieakeng.dll 7.0.6000.20583 07-May-2007 23:11 153,088 x86 SP2QFE\WOW Wieaksie.dll 7.0.6000.20583 07-May-2007 23:11 230,400 x86 SP2QFE\WOW Wieakui.dll 7.0.6000.20583 07-May-2007 23:11 161,792 x86 SP2QFE\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:11 2,455,488 SP2QFE\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:11 383,488 x86 SP2QFE\WOW Wiedkcs32.dll 17.0.6000.20583 07-May-2007 23:11 384,512 x86 SP2QFE\WOW Wieframe.dll 7.0.6000.20583 07-May-2007 23:11 6,059,008 x86 SP2QFE\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:11 991,232 SP2QFE\WOW Wiernonce.dll 7.0.6000.20583 07-May-2007 23:11 44,544 x86 SP2QFE\WOW Wiertutil.dll 7.0.6000.20583 07-May-2007 23:11 267,776 x86 SP2QFE\WOW Wieudinit.exe 7.0.6000.20583 07-May-2007 23:11 13,824 x86 SP2QFE\WOW Wiexplore.exe 7.0.6000.20583 07-May-2007 23:11 625,152 x86 SP2QFE\WOW Winetcpl.cpl 7.0.6000.20583 07-May-2007 23:11 1,824,256 SP2QFE\WOW Wjsproxy.dll 7.0.6000.20583 07-May-2007 23:11 27,648 x86 SP2QFE\WOW Wmsfeeds.dll 7.0.6000.20583 07-May-2007 23:11 459,264 x86 SP2QFE\WOW Wmsfeedsbs.dll 7.0.6000.20583 07-May-2007 23:11 52,224 x86 SP2QFE\WOW Wmshtml.dll 7.0.6000.20591 07-May-2007 23:11 3,584,000 x86 SP2QFE\WOW Wmshtmled.dll 7.0.6000.20583 07-May-2007 23:11 477,696 x86 SP2QFE\WOW Wmsrating.dll 7.0.6000.20583 07-May-2007 23:11 193,024 x86 SP2QFE\WOW Wmstime.dll 7.0.6000.20583 07-May-2007 23:11 670,720 x86 SP2QFE\WOW Woccache.dll 7.0.6000.20583 07-May-2007 23:11 102,400 x86 SP2QFE\WOW Wurl.dll 7.0.6000.20583 07-May-2007 23:11 105,984 x86 SP2QFE\WOW Wurlmon.dll 7.0.6000.20583 07-May-2007 23:11 1,153,536 x86 SP2QFE\WOW Wwebcheck.dll 7.0.6000.20583 07-May-2007 23:11 232,960 x86 SP2QFE\WOW Wwininet.dll 7.0.6000.20583 07-May-2007 23:11 823,808 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 6 for all supported x64 editions of Windows Server 2003: File Name Version Date Time Size CPU Folder Browseui.dll 6.0.3790.2920 03-May-2007 20:21 1,605,120 x64 SP1GDR Danim.dll 6.3.1.148 03-May-2007 20:22 1,989,120 x64 SP1GDR Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 561,664 x64 SP1GDR Dxtrans.dll 6.3.3790.2920 03-May-2007 20:22 332,288 x64 SP1GDR Iepeers.dll 6.0.3790.2920 03-May-2007 20:22 369,664 x64 SP1GDR Jsproxy.dll 6.0.3790.2920 03-May-2007 20:22 24,064 x64 SP1GDR Mshtml.dll 6.0.3790.2920 03-May-2007 20:22 5,997,568 x64 SP1GDR Mstime.dll 6.0.3790.2920 03-May-2007 20:22 900,608 x64 SP1GDR Pngfilt.dll 5.2.3790.2920 03-May-2007 20:22 64,000 x64 SP1GDR Shdocvw.dll 6.0.3790.2920 03-May-2007 20:22 2,438,144 x64 SP1GDR Shlwapi.dll 6.0.3790.2920 03-May-2007 20:22 621,568 x64 SP1GDR Urlmon.dll 6.0.3790.2920 03-May-2007 20:22 1,085,440 x64 SP1GDR W03a2409.dll 5.2.3790.2920 03-May-2007 20:22 4,608 x64 SP1GDR Wininet.dll 6.0.3790.2920 03-May-2007 20:22 1,187,840 x64 SP1GDR Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:22 1,036,800 x86 SP1GDR\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:22 1,058,304 x86 SP1GDR\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 363,008 x86 SP1GDR\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:22 212,480 x86 SP1GDR\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:22 17,920 x86 SP1GDR\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:22 253,952 x86 SP1GDR\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:22 16,384 x86 SP1GDR\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:22 3,155,968 x86 SP1GDR\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:22 537,088 x86 SP1GDR\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:22 42,496 x86 SP1GDR\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:22 1,515,008 x86 SP1GDR\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:22 321,536 x86 SP1GDR\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:22 697,344 x86 SP1GDR\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:22 4,096 x86 SP1GDR\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:22 662,528 x86 SP1GDR\WOW Browseui.dll 6.0.3790.2920 03-May-2007 20:21 1,605,120 x64 SP1QFE Danim.dll 6.3.1.148 03-May-2007 20:21 1,989,120 x64 SP1QFE Dxtmsft.dll 6.3.3790.2920 03-May-2007 20:21 561,664 x64 SP1QFE Dxtrans.dll 6.3.3790.2920 03-May-2007 20:21 332,288 x64 SP1QFE Iepeers.dll 6.0.3790.2920 03-May-2007 20:21 370,176 x64 SP1QFE Jsproxy.dll 6.0.3790.2920 03-May-2007 20:21 24,064 x64 SP1QFE Mshtml.dll 6.0.3790.2920 03-May-2007 20:21 6,001,664 x64 SP1QFE Mstime.dll 6.0.3790.2920 03-May-2007 20:22 900,608 x64 SP1QFE Pngfilt.dll 5.2.3790.2920 03-May-2007 20:22 64,000 x64 SP1QFE Shdocvw.dll 6.0.3790.2920 03-May-2007 20:22 2,438,656 x64 SP1QFE Shlwapi.dll 6.0.3790.2920 03-May-2007 20:22 621,568 x64 SP1QFE Urlmon.dll 6.0.3790.2920 03-May-2007 20:22 1,085,440 x64 SP1QFE W03a2409.dll 5.2.3790.2920 03-May-2007 20:22 28,160 x64 SP1QFE Wininet.dll 6.0.3790.2920 03-May-2007 20:22 1,189,888 x64 SP1QFE Wbrowseui.dll 6.0.3790.2920 03-May-2007 20:22 1,036,800 x86 SP1QFE\WOW Wdanim.dll 6.3.1.148 03-May-2007 20:22 1,058,304 x86 SP1QFE\WOW Wdxtmsft.dll 6.3.3790.2920 03-May-2007 20:22 363,008 x86 SP1QFE\WOW Wdxtrans.dll 6.3.3790.2920 03-May-2007 20:22 212,480 x86 SP1QFE\WOW Wiedw.exe 5.2.3790.2920 03-May-2007 20:22 17,920 x86 SP1QFE\WOW Wiepeers.dll 6.0.3790.2920 03-May-2007 20:22 253,952 x86 SP1QFE\WOW Wjsproxy.dll 6.0.3790.2920 03-May-2007 20:22 16,384 x86 SP1QFE\WOW Wmshtml.dll 6.0.3790.2920 03-May-2007 20:22 3,158,528 x86 SP1QFE\WOW Wmstime.dll 6.0.3790.2920 03-May-2007 20:22 537,088 x86 SP1QFE\WOW Wpngfilt.dll 5.2.3790.2920 03-May-2007 20:22 42,496 x86 SP1QFE\WOW Wshdocvw.dll 6.0.3790.2920 03-May-2007 20:22 1,515,520 x86 SP1QFE\WOW Wshlwapi.dll 6.0.3790.2920 03-May-2007 20:22 321,536 x86 SP1QFE\WOW Wurlmon.dll 6.0.3790.2920 03-May-2007 20:22 697,344 x86 SP1QFE\WOW Ww03a2409.dll 5.2.3790.2920 03-May-2007 20:22 27,648 x86 SP1QFE\WOW Wwininet.dll 6.0.3790.2920 03-May-2007 20:22 666,112 x86 SP1QFE\WOW Mshtml.dll 6.0.3790.4064 03-May-2007 20:45 5,998,592 x64 SP2GDR Shdocvw.dll 6.0.3790.4064 03-May-2007 20:46 2,438,144 x64 SP2GDR Urlmon.dll 6.0.3790.4073 03-May-2007 20:46 1,088,000 x64 SP2GDR Wmshtml.dll 6.0.3790.4064 03-May-2007 20:46 3,131,904 x86 SP2GDR\WOW Wshdocvw.dll 6.0.3790.4064 03-May-2007 20:46 1,508,352 x86 SP2GDR\WOW Wurlmon.dll 6.0.3790.4073 03-May-2007 20:46 697,856 x86 SP2GDR\WOW Mshtml.dll 6.0.3790.4064 04-May-2007 05:55 6,000,128 x64 SP2QFE Shdocvw.dll 6.0.3790.4064 04-May-2007 05:55 2,438,656 x64 SP2QFE Urlmon.dll 6.0.3790.4073 04-May-2007 05:55 1,088,000 x64 SP2QFE Wmshtml.dll 6.0.3790.4064 04-May-2007 05:55 3,132,416 x86 SP2QFE\WOW Wshdocvw.dll 6.0.3790.4064 04-May-2007 05:55 1,508,352 x86 SP2QFE\WOW Wurlmon.dll 6.0.3790.4073 04-May-2007 05:55 697,856 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 for all supported x64 editions of Windows Server 2003: File Name Version Date Time Size CPU Folder Advpack.dll 7.0.6000.16473 07-May-2007 23:27 161,280 x64 SP2GDR Extmgr.dll 7.0.6000.16473 07-May-2007 23:27 188,416 x64 SP2GDR Ie4uinit.exe 7.0.6000.16473 07-May-2007 23:27 68,608 x64 SP2GDR Ieakeng.dll 7.0.6000.16473 07-May-2007 23:27 196,096 x64 SP2GDR Ieaksie.dll 7.0.6000.16473 07-May-2007 23:27 267,776 x64 SP2GDR Ieakui.dll 7.0.6000.16473 07-May-2007 23:27 161,792 x64 SP2GDR Ieapfltr.dat 7.0.6011.0 07-May-2007 23:27 2,455,488 x64 SP2GDR Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:27 424,448 x64 SP2GDR Iedkcs32.dll 17.0.6000.16473 07-May-2007 23:27 468,480 x64 SP2GDR Ieframe.dll 7.0.6000.16473 07-May-2007 23:28 7,058,944 x64 SP2GDR Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:28 983,552 x64 SP2GDR Iernonce.dll 7.0.6000.16473 07-May-2007 23:28 57,344 x64 SP2GDR Iertutil.dll 7.0.6000.16473 07-May-2007 23:28 355,840 x64 SP2GDR Ieudinit.exe 7.0.6000.16473 07-May-2007 23:28 13,824 x64 SP2GDR Iexplore.exe 7.0.6000.16473 07-May-2007 23:28 679,424 x64 SP2GDR Inetcpl.cpl 7.0.6000.16473 07-May-2007 23:28 2,025,472 x64 SP2GDR Jsproxy.dll 7.0.6000.16473 07-May-2007 23:28 32,256 x64 SP2GDR Msfeeds.dll 7.0.6000.16473 07-May-2007 23:28 553,984 x64 SP2GDR Msfeedsbs.dll 7.0.6000.16473 07-May-2007 23:28 75,264 x64 SP2GDR Mshtml.dll 7.0.6000.16481 07-May-2007 23:28 5,668,352 x64 SP2GDR Mshtmled.dll 7.0.6000.16473 07-May-2007 23:28 758,784 x64 SP2GDR Msrating.dll 7.0.6000.16473 07-May-2007 23:29 242,176 x64 SP2GDR Mstime.dll 7.0.6000.16473 07-May-2007 23:29 1,129,472 x64 SP2GDR Occache.dll 7.0.6000.16473 07-May-2007 23:29 151,040 x64 SP2GDR Url.dll 7.0.6000.16473 07-May-2007 23:29 108,544 x64 SP2GDR Urlmon.dll 7.0.6000.16473 07-May-2007 23:29 1,418,752 x64 SP2GDR Webcheck.dll 7.0.6000.16473 07-May-2007 23:29 295,424 x64 SP2GDR Wininet.dll 7.0.6000.16473 07-May-2007 23:29 1,019,392 x64 SP2GDR Wadvpack.dll 7.0.6000.16473 07-May-2007 23:31 124,928 x86 SP2GDR\WOW Wextmgr.dll 7.0.6000.16473 07-May-2007 23:31 132,608 x86 SP2GDR\WOW Wie4uinit.exe 7.0.6000.16473 07-May-2007 23:31 56,832 x86 SP2GDR\WOW Wieakeng.dll 7.0.6000.16473 07-May-2007 23:31 153,088 x86 SP2GDR\WOW Wieaksie.dll 7.0.6000.16473 07-May-2007 23:31 230,400 x86 SP2GDR\WOW Wieakui.dll 7.0.6000.16473 07-May-2007 23:31 161,792 x86 SP2GDR\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:31 2,455,488 x64 SP2GDR\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:31 383,488 x86 SP2GDR\WOW Wiedkcs32.dll 17.0.6000.16473 07-May-2007 23:31 384,512 x86 SP2GDR\WOW Wieframe.dll 7.0.6000.16473 07-May-2007 23:31 6,058,496 x86 SP2GDR\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:31 991,232 x64 SP2GDR\WOW Wiernonce.dll 7.0.6000.16473 07-May-2007 23:31 44,544 x86 SP2GDR\WOW Wiertutil.dll 7.0.6000.16473 07-May-2007 23:31 267,776 x86 SP2GDR\WOW Wieudinit.exe 7.0.6000.16473 07-May-2007 23:31 13,824 x86 SP2GDR\WOW Wiexplore.exe 7.0.6000.16473 07-May-2007 23:31 625,152 x86 SP2GDR\WOW Winetcpl.cpl 7.0.6000.16473 07-May-2007 23:31 1,824,768 x64 SP2GDR\WOW Wjsproxy.dll 7.0.6000.16473 07-May-2007 23:31 27,648 x86 SP2GDR\WOW Wmsfeeds.dll 7.0.6000.16473 07-May-2007 23:31 459,264 x86 SP2GDR\WOW Wmsfeedsbs.dll 7.0.6000.16473 07-May-2007 23:31 52,224 x86 SP2GDR\WOW Wmshtml.dll 7.0.6000.16481 07-May-2007 23:31 3,583,488 x86 SP2GDR\WOW Wmshtmled.dll 7.0.6000.16473 07-May-2007 23:31 477,696 x86 SP2GDR\WOW Wmsrating.dll 7.0.6000.16473 07-May-2007 23:31 193,024 x86 SP2GDR\WOW Wmstime.dll 7.0.6000.16473 07-May-2007 23:31 670,720 x86 SP2GDR\WOW Woccache.dll 7.0.6000.16473 07-May-2007 23:31 102,400 x86 SP2GDR\WOW Wurl.dll 7.0.6000.16473 07-May-2007 23:31 105,984 x86 SP2GDR\WOW Wurlmon.dll 7.0.6000.16473 07-May-2007 23:31 1,152,000 x86 SP2GDR\WOW Wwebcheck.dll 7.0.6000.16473 07-May-2007 23:31 232,960 x86 SP2GDR\WOW Wwininet.dll 7.0.6000.16473 07-May-2007 23:31 822,784 x86 SP2GDR\WOW Advpack.dll 7.0.6000.20583 07-May-2007 23:06 161,280 x64 SP2QFE Extmgr.dll 7.0.6000.20583 07-May-2007 23:06 188,416 x64 SP2QFE Ie4uinit.exe 7.0.6000.20583 07-May-2007 23:06 68,608 x64 SP2QFE Ieakeng.dll 7.0.6000.20583 07-May-2007 23:06 195,584 x64 SP2QFE Ieaksie.dll 7.0.6000.20583 07-May-2007 23:06 267,264 x64 SP2QFE Ieakui.dll 7.0.6000.20583 07-May-2007 23:06 161,792 x64 SP2QFE Ieapfltr.dat 7.0.6011.0 07-May-2007 23:06 2,455,488 x64 SP2QFE Ieapfltr.dll 7.0.6000.16461 07-May-2007 23:06 424,448 x64 SP2QFE Iedkcs32.dll 17.0.6000.20583 07-May-2007 23:06 468,480 x64 SP2QFE Ieframe.dll 7.0.6000.20583 07-May-2007 23:06 7,059,968 x64 SP2QFE Ieframe.dll.mui 7.0.6000.16414 07-May-2007 23:07 983,552 x64 SP2QFE Iernonce.dll 7.0.6000.20583 07-May-2007 23:07 57,344 x64 SP2QFE Iertutil.dll 7.0.6000.20583 07-May-2007 23:07 355,840 x64 SP2QFE Ieudinit.exe 7.0.6000.20583 07-May-2007 23:07 13,824 x64 SP2QFE Iexplore.exe 7.0.6000.20583 07-May-2007 23:07 679,424 x64 SP2QFE Inetcpl.cpl 7.0.6000.20583 07-May-2007 23:07 2,025,472 x64 SP2QFE Jsproxy.dll 7.0.6000.20583 07-May-2007 23:07 32,256 x64 SP2QFE Msfeeds.dll 7.0.6000.20583 07-May-2007 23:07 553,984 x64 SP2QFE Msfeedsbs.dll 7.0.6000.20583 07-May-2007 23:07 75,264 x64 SP2QFE Mshtml.dll 7.0.6000.20591 07-May-2007 23:07 5,669,888 x64 SP2QFE Mshtmled.dll 7.0.6000.20583 07-May-2007 23:08 758,784 x64 SP2QFE Msrating.dll 7.0.6000.20583 07-May-2007 23:08 242,176 x64 SP2QFE Mstime.dll 7.0.6000.20583 07-May-2007 23:08 1,129,472 x64 SP2QFE Occache.dll 7.0.6000.20583 07-May-2007 23:08 151,040 x64 SP2QFE Url.dll 7.0.6000.20583 07-May-2007 23:08 108,544 x64 SP2QFE Urlmon.dll 7.0.6000.20583 07-May-2007 23:09 1,420,800 x64 SP2QFE Webcheck.dll 7.0.6000.20583 07-May-2007 23:09 295,424 x64 SP2QFE Wininet.dll 7.0.6000.20583 07-May-2007 23:09 1,020,928 x64 SP2QFE Wadvpack.dll 7.0.6000.20583 07-May-2007 23:13 124,928 x86 SP2QFE\WOW Wextmgr.dll 7.0.6000.20583 07-May-2007 23:13 132,608 x86 SP2QFE\WOW Wie4uinit.exe 7.0.6000.20583 07-May-2007 23:13 56,832 x86 SP2QFE\WOW Wieakeng.dll 7.0.6000.20583 07-May-2007 23:13 153,088 x86 SP2QFE\WOW Wieaksie.dll 7.0.6000.20583 07-May-2007 23:13 230,400 x86 SP2QFE\WOW Wieakui.dll 7.0.6000.20583 07-May-2007 23:13 161,792 x86 SP2QFE\WOW Wieapfltr.dat 7.0.6011.0 07-May-2007 23:13 2,455,488 x64 SP2QFE\WOW Wieapfltr.dll 7.0.6000.16461 07-May-2007 23:13 383,488 x86 SP2QFE\WOW Wiedkcs32.dll 17.0.6000.20583 07-May-2007 23:13 384,512 x86 SP2QFE\WOW Wieframe.dll 7.0.6000.20583 07-May-2007 23:13 6,059,008 x86 SP2QFE\WOW Wieframe.dll.mui 7.0.6000.16414 07-May-2007 23:13 991,232 x64 SP2QFE\WOW Wiernonce.dll 7.0.6000.20583 07-May-2007 23:13 44,544 x86 SP2QFE\WOW Wiertutil.dll 7.0.6000.20583 07-May-2007 23:13 267,776 x86 SP2QFE\WOW Wieudinit.exe 7.0.6000.20583 07-May-2007 23:13 13,824 x86 SP2QFE\WOW Wiexplore.exe 7.0.6000.20583 07-May-2007 23:13 625,152 x86 SP2QFE\WOW Winetcpl.cpl 7.0.6000.20583 07-May-2007 23:13 1,824,256 x64 SP2QFE\WOW Wjsproxy.dll 7.0.6000.20583 07-May-2007 23:13 27,648 x86 SP2QFE\WOW Wmsfeeds.dll 7.0.6000.20583 07-May-2007 23:13 459,264 x86 SP2QFE\WOW Wmsfeedsbs.dll 7.0.6000.20583 07-May-2007 23:13 52,224 x86 SP2QFE\WOW Wmshtml.dll 7.0.6000.20591 07-May-2007 23:13 3,584,000 x86 SP2QFE\WOW Wmshtmled.dll 7.0.6000.20583 07-May-2007 23:13 477,696 x86 SP2QFE\WOW Wmsrating.dll 7.0.6000.20583 07-May-2007 23:13 193,024 x86 SP2QFE\WOW Wmstime.dll 7.0.6000.20583 07-May-2007 23:13 670,720 x86 SP2QFE\WOW Woccache.dll 7.0.6000.20583 07-May-2007 23:13 102,400 x86 SP2QFE\WOW Wurl.dll 7.0.6000.20583 07-May-2007 23:13 105,984 x86 SP2QFE\WOW Wurlmon.dll 7.0.6000.20583 07-May-2007 23:13 1,153,536 x86 SP2QFE\WOW Wwebcheck.dll 7.0.6000.20583 07-May-2007 23:13 232,960 x86 SP2QFE\WOW Wwininet.dll 7.0.6000.20583 07-May-2007 23:13 823,808 x86 SP2QFE\WOW Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. Top of section Deployment Information Installing the Update When you install this security update, the installer checks to see if one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994. For more information about the installer, visit the Microsoft TechNet Web site. For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684. This security update supports the following setup switches. Supported Security Update Installation Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /overwriteoem Overwrites OEM files without prompting /nobackup Does not back up files needed for uninstall /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files /integrate:path Integrates the update into the Windows source files. These files are located at the path that is specified in the switch. /extract[:path] Extracts files without starting the Setup program /ER Enables extended error reporting /verbose Enables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly. Note You can combine these switches into one command. For backward compatibility, the security update also supports many of the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Removing the Update This security update supports the following setup switches. Supported Spuninst.exe Switches Switch Description /help Displays the command-line options Setup Modes /passive Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds. /quiet Quiet mode. This is the same as unattended mode, but no status or error messages are displayed. Restart Options /norestart Does not restart when installation has completed /forcerestart Restarts the computer after installation and force other applications to close at shutdown without saving open files first. /warnrestart[:x] Presents a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch. /promptrestart Display a dialog box prompting the local user to allow a restart Special Options /forceappsclose Forces other programs to close when the computer shuts down /log:path Allows the redirection of installation log files Verifying that the Update Has Been Applied • Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. • File Version Verification Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps. 1. Click Start, and then click Search. 2. In the Search Results pane, click All files and folders under Search Companion. 3. In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search. 4. In the list of files, right-click a file name from the appropriate file information table, and then click Properties. Note Depending on the edition of the operating system, or the programs that are installed on your system, some of the files that are listed in the file information table may not be installed. 5. On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table. Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation. • Registry Key Verification You may also be able to verify the files that this security update has installed by reviewing the registry keys listed in the Reference Table in this section. These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly when an administrator or an OEM integrates or slipstreams this security update into the Windows installation source files. Top of section Top of section Windows Vista (all editions) Reference Table The following table contains the security update information for this software. You can find additional information in the subsection, Deployment Information, in this section. Inclusion in Future Service Packs The update for this issue will be included in a future service pack or update rollup Deployment Installing without user intervention Internet Explorer 7 in all supported 32-bit editions of Windows Vista: Windows6.0-KB933566-x86.msu /quiet Internet Explorer 7 in all supported x64 editions of Windows Vista: Windows6.0-KB933566-x86.msu /quiet Installing without restarting Internet Explorer 7 in all supported 32-bit editions of Windows Vista: Windows6.0-KB933566-x86.msu /quiet /norestart Internet Explorer 7 in all supported x64 editions of Windows Vista: Windows6.0-KB933566-x86.msu /quiet /norestart Update log file KB933566.log Further information See the subsection, Detection and Deployment Tools and Guidance Restart Requirement Restart required Yes, you must restart your system after you apply this security update Hotpatching Not applicable. Removal Information WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, click Security, then under WindowsUpdate, click Viewinstalled updates and select from the list of updates. File Information See the sub section, File Information, below or Microsoft Knowledge Base Article 933566 for the full file manifest File Information The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. For Internet Explorer 7 in all supported 32-bit editions of Windows Vista: File Name Version Date Time Size Wsusscan.cab 04-May-2007 23:00 119,454 X86_0a143cc594060f07eab220bae2d881a4_31bf3856ad364e35_6.0.6000.20583_none_f99b75740a5f6bb1.manifest 04-May-2007 21:41 700 X86_194564191d550b1dd2f3c39abdabf44b_31bf3856ad364e35_6.0.6000.16473_none_9ac2a496193a93fd.manifest 04-May-2007 21:41 726 X86_1c899a3c9576322257f8c91bbb5cbd42_31bf3856ad364e35_6.0.6000.20583_none_1f7c168b4b9a2d71.manifest 04-May-2007 21:41 696 X86_23719b6bd3cef355e2668a6f78d78879_31bf3856ad364e35_6.0.6000.20583_none_5d3456c35342f86b.manifest 04-May-2007 21:41 695 X86_26a27a219160ab8b1c10279160eadcd7_31bf3856ad364e35_6.0.6000.16473_none_97e2ebed7c538bed.manifest 04-May-2007 21:41 711 X86_2a149c8ddc887a81f57facf8c37ac822_31bf3856ad364e35_6.0.6000.20583_none_96c45ea94eec2adc.manifest 04-May-2007 21:41 724 X86_309d3903cfdf844ce5fc819364b3a769_31bf3856ad364e35_6.0.6000.16481_none_c0bafff4af93899a.manifest 04-May-2007 21:41 704 X86_460b3b90393bf327d4930fed3db0a5bd_31bf3856ad364e35_6.0.6000.20583_none_c10156195ac2a0d4.manifest 04-May-2007 21:41 700 X86_4b65a90deb41b08cb5fa72fd5f18c218_31bf3856ad364e35_6.0.6000.16473_none_d10a6fa16dda3557.manifest 04-May-2007 21:41 696 X86_4eba08e7a95bed9f25b8f9d9c74d40b7_31bf3856ad364e35_6.0.6000.20583_none_56e0abf4faf30e60.manifest 04-May-2007 21:41 694 X86_53f5d5a93e8fc0982b0fd21731d92132_31bf3856ad364e35_6.0.6000.20583_none_2ef23c9e87da7084.manifest 04-May-2007 21:41 702 X86_649b8d1d590fd86e81416ecfa3b6d453_31bf3856ad364e35_6.0.6000.16473_none_2a8f63becd07e46d.manifest 04-May-2007 21:41 700 X86_7241f476a146622784a78db5323c8566_31bf3856ad364e35_6.0.6000.20583_none_847206ad6957f792.manifest 04-May-2007 21:41 708 X86_7643aea3509df4ad7a896b7ce9d0c052_31bf3856ad364e35_6.0.6000.16473_none_58195e593354f7fa.manifest 04-May-2007 21:41 724 X86_76eab608cfd1dc87044be02146352325_31bf3856ad364e35_6.0.6000.16473_none_a851be40753b9337.manifest 04-May-2007 21:41 694 X86_779201b62cdc8329bb4eb8298ef9adfe_31bf3856ad364e35_6.0.6000.20591_none_c4a8db7bdd3e3e3a.manifest 04-May-2007 21:41 704 X86_79fb19734703e2c48717e88cc98cda54_31bf3856ad364e35_6.0.6000.16473_none_f1b2aed4bf191952.manifest 04-May-2007 21:41 706 X86_7ba3e594d2bdcf1c8853293e8fb503cc_31bf3856ad364e35_6.0.6000.20583_none_b1a18d9a98bc3e7b.manifest 04-May-2007 21:41 695 X86_7c59605344a0d58ee07a16a1ed1998ef_31bf3856ad364e35_6.0.6000.16473_none_9a9b8501473f3e58.manifest 04-May-2007 21:41 700 X86_8225e3326665b3c008908f9d56d75f76_31bf3856ad364e35_6.0.6000.16473_none_3a3b64287d2a0b7d.manifest 04-May-2007 21:41 702 X86_94a514541b76ba4b5b76a8a6956300a4_31bf3856ad364e35_6.0.6000.20583_none_b3633f11fe00d14d.manifest 04-May-2007 21:41 706 X86_b7c0af5030298fe0d9a6e2a49840559a_31bf3856ad364e35_6.0.6000.20583_none_616b5e4c69364691.manifest 04-May-2007 21:41 711 X86_be7d68797341871be9942dd6a65337d6_31bf3856ad364e35_6.0.6000.16473_none_82c6508e5d82b253.manifest 04-May-2007 21:41 695 X86_c06913304b67745d99e4dcaffa20846c_31bf3856ad364e35_6.0.6000.16473_none_b527f89ee83dca79.manifest 04-May-2007 21:41 696 X86_cc5024b0fb336e723da11f0715a21b20_31bf3856ad364e35_6.0.6000.16473_none_0f6fa5f692a75260.manifest 04-May-2007 21:41 695 X86_d3e13a04a904d0b58690c7cb0a75c0e7_31bf3856ad364e35_6.0.6000.20583_none_e2a516d8c05e1fa3.manifest 04-May-2007 21:41 726 X86_e0f54e4e01cf09dd5deac101b0092801_31bf3856ad364e35_6.0.6000.16473_none_fe1f8884510a3ab1.manifest 04-May-2007 21:41 704 X86_e575e3e55ceeb7295966ab39511de6a9_31bf3856ad364e35_6.0.6000.20583_none_4e33617ef1e70d96.manifest 04-May-2007 21:41 696 X86_e725eabe3b403d84ac7f89446abc5412_31bf3856ad364e35_6.0.6000.20583_none_abd1de2cb4e77063.manifest 04-May-2007 21:41 707 X86_eae44eb2e832ecc19c6232fbed4ae239_31bf3856ad364e35_6.0.6000.16473_none_cdaec8f24606e64c.manifest 04-May-2007 21:41 708 X86_f006c732353fa94463808a9b37f05b4e_31bf3856ad364e35_6.0.6000.20583_none_aa4bf6e65c2afac6.manifest 04-May-2007 21:41 704 X86_f8d106d701d3c4741e8c4542da774cea_31bf3856ad364e35_6.0.6000.16473_none_0031a57e919d1da6.manifest 04-May-2007 21:41 707 X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_a99c7471f5e0124d.manifest 04-May-2007 21:55 7,571 X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_aa1b41510f05ce08.manifest 04-May-2007 21:55 7,244 X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_b2b426d3d9d96fb0.manifest 04-May-2007 21:55 283,492 X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_b332f3b2f2ff2b6b.manifest 04-May-2007 21:55 283,492 X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_8d0ab50854e814d4.manifest 04-May-2007 21:55 812,318 X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_8d8981e76e0dd08f.manifest 04-May-2007 21:55 812,318 X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643.manifest 04-May-2007 21:55 56,602 X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe.manifest 04-May-2007 21:55 56,602 X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_f963254f6ece1096.manifest 04-May-2007 21:55 9,922 X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_f9e1f22e87f3cc51.manifest 04-May-2007 21:55 9,595 X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_3a80bafad9a98a77.manifest 21-Apr-2007 03:06 42,229 X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_3aff87d9f2cf4632.manifest 21-Apr-2007 02:28 42,229 X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_15407c3f12d8e6cb.manifest 21-Apr-2007 03:06 179,943 X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_15bf491e2bfea286.manifest 21-Apr-2007 02:28 179,943 X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_45f9f85f46744951.manifest 04-May-2007 21:55 32,438 X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_4678c53e5f9a050c.manifest 04-May-2007 21:55 32,111 X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc.manifest 04-May-2007 21:55 928,320 X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477.manifest 04-May-2007 21:55 928,320 X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_69fcb3c559a4f006.manifest 21-Apr-2007 03:06 3,494 X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_6a7b80a472caabc1.manifest 21-Apr-2007 02:28 3,494 X86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_2d330f011d0e0526.manifest 04-May-2007 21:55 126,025 X86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_2db1dbe03633c0e1.manifest 04-May-2007 21:55 125,698 X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_c3a1c41c6188cdcb.manifest 04-May-2007 21:55 31,606 X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_c42090fb7aae8986.manifest 04-May-2007 21:55 31,279 X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_29c6da8c6838a328.manifest 04-May-2007 21:55 37,192 X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_2a45a76b815e5ee3.manifest 04-May-2007 21:55 37,192 X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_62737b97b12e8da6.manifest 04-May-2007 21:55 829,928 X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_62f24876ca544961.manifest 04-May-2007 21:55 829,599 X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_e66ce81694b1e1de.manifest 04-May-2007 21:55 10,829 X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_e6ebb4f5add79d99.manifest 04-May-2007 21:55 10,502 X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_0b151d32d72ca190.manifest 04-May-2007 21:55 11,056 X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_0b93ea11f0525d4b.manifest 04-May-2007 21:55 10,729 Advpack.dll 7.0.6000.16473 21-Apr-2007 02:47 124,928 Advpack.dll 7.0.6000.20583 21-Apr-2007 02:12 124,928 Urlmon.dll 7.0.6000.16473 21-Apr-2007 02:48 1,152,000 Urlmon.dll 7.0.6000.20583 21-Apr-2007 02:15 1,153,536 Inetcpl.cpl 7.0.6000.16473 21-Apr-2007 02:46 1,824,768 Inetcpl.cpl 7.0.6000.20583 21-Apr-2007 02:13 1,824,256 Jsproxy.dll 7.0.6000.16473 21-Apr-2007 02:47 27,648 Wininet.dll 7.0.6000.16473 21-Apr-2007 02:49 822,784 Wininetplugin.dll 1.0.0.1 21-Apr-2007 02:49 64,512 Jsproxy.dll 7.0.6000.20583 21-Apr-2007 02:13 27,648 Wininet.dll 7.0.6000.20583 21-Apr-2007 02:15 823,808 Wininetplugin.dll 1.0.0.1 21-Apr-2007 02:15 64,512 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:12 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 02:47 383,488 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:21 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 02:13 383,488 Mshtmled.dll 7.0.6000.16473 21-Apr-2007 02:47 477,696 Mshtmled.dll 7.0.6000.20583 21-Apr-2007 02:14 477,696 Mshtml.dll 7.0.6000.16481 04-May-2007 02:55 3,583,488 Mshtml.tlb 7.0.6000.16481 04-May-2007 00:21 1,383,424 Mshtml.dll 7.0.6000.20591 04-May-2007 02:42 3,584,000 Mshtml.tlb 7.0.6000.20591 04-May-2007 00:18 1,383,424 Ieunatt.exe 7.0.6000.16473 21-Apr-2007 02:46 26,624 Iexplore.exe 7.0.6000.16473 21-Apr-2007 02:46 625,152 Ieunatt.exe 7.0.6000.20583 21-Apr-2007 01:20 26,624 Iexplore.exe 7.0.6000.20583 21-Apr-2007 01:21 625,152 Ie4uinit.exe 7.0.6000.16473 21-Apr-2007 02:46 56,832 Iernonce.dll 7.0.6000.16473 21-Apr-2007 02:47 44,544 Iesetup.dll 7.0.6000.16473 21-Apr-2007 02:47 56,320 Ie4uinit.exe 7.0.6000.20583 21-Apr-2007 01:20 56,832 Iernonce.dll 7.0.6000.20583 21-Apr-2007 02:13 44,544 Iesetup.dll 7.0.6000.20583 21-Apr-2007 02:13 56,320 Iebrshim.dll 6.0.6000.16473 21-Apr-2007 02:47 52,736 Iebrshim.dll 6.0.6000.20583 21-Apr-2007 02:13 52,736 Ieframe.dll 7.0.6000.16473 21-Apr-2007 02:47 6,058,496 Ieui.dll 7.0.6000.16473 21-Apr-2007 02:47 180,736 Ieframe.dll 7.0.6000.20583 21-Apr-2007 02:13 6,059,008 Ieui.dll 7.0.6000.20583 21-Apr-2007 02:13 180,736 Ieinstal.exe 6.0.6000.16473 21-Apr-2007 02:46 250,368 Ieinstal.exe 6.0.6000.20583 21-Apr-2007 01:21 250,368 Ieuser.exe 6.0.6000.16473 21-Apr-2007 02:46 294,912 Ieuser.exe 6.0.6000.20583 21-Apr-2007 01:21 294,912 Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. For Internet Explorer 7 in all supported x64 editions of Windows Vista: File Name Version Date Time Size Wsusscan.cab 04-May-2007 23:00 118,058 Amd64_137368b54a2eff275094f1170eb174ff_31bf3856ad364e35_6.0.6000.16473_none_dfc07f0820ff255e.manifest 04-May-2007 21:41 1,064 Amd64_172495f36c6fc93fe3112317205028b5_31bf3856ad364e35_6.0.6000.20583_none_f648c88fb320a5ef.manifest 04-May-2007 21:41 1,056 Amd64_194564191d550b1dd2f3c39abdabf44b_31bf3856ad364e35_6.0.6000.16473_none_f6e14019d1980533.manifest 04-May-2007 21:41 728 Amd64_1ce28f161c715c248234a5b9d9b28620_31bf3856ad364e35_6.0.6000.20583_none_eb83260d041250e8.manifest 04-May-2007 21:41 1,048 Amd64_23719b6bd3cef355e2668a6f78d78879_31bf3856ad364e35_6.0.6000.20583_none_b952f2470ba069a1.manifest 04-May-2007 21:41 697 Amd64_259e8e479d69c6abc22e69c9dd680d21_31bf3856ad364e35_6.0.6000.16473_none_9aba98d676ad9cad.manifest 04-May-2007 21:41 1,040 Amd64_2a149c8ddc887a81f57facf8c37ac822_31bf3856ad364e35_6.0.6000.20583_none_f2e2fa2d07499c12.manifest 04-May-2007 21:41 726 Amd64_2b3eba949d8c7c64821d569e0513fc4f_31bf3856ad364e35_6.0.6000.16473_none_b53e86c605a06f92.manifest 04-May-2007 21:41 1,040 Amd64_309d3903cfdf844ce5fc819364b3a769_31bf3856ad364e35_6.0.6000.16481_none_1cd99b7867f0fad0.manifest 04-May-2007 21:41 706 Amd64_3b64d1439e9908dca59e1a80cbd15468_31bf3856ad364e35_6.0.6000.16473_none_7e73c53f51ecec85.manifest 04-May-2007 21:41 1,036 Amd64_3ff79fa7d096621a794fc100a1a4bbb6_31bf3856ad364e35_6.0.6000.16473_none_5147185df4643053.manifest 04-May-2007 21:41 699 Amd64_442fa04319b53a351578703c13daae2f_31bf3856ad364e35_6.0.6000.16481_none_6b2fc06ea9679ecd.manifest 04-May-2007 21:41 708 Amd64_4b0aab6ac9657bc0d5780da06bbbeaf9_31bf3856ad364e35_6.0.6000.20583_none_45e514e5d2d37fd5.manifest 04-May-2007 21:41 699 Amd64_53f5d5a93e8fc0982b0fd21731d92132_31bf3856ad364e35_6.0.6000.20583_none_8b10d8224037e1ba.manifest 04-May-2007 21:41 704 Amd64_5dab9d78204352b28476fb3653a15c05_31bf3856ad364e35_6.0.6000.16473_none_bde6cd96de55bc73.manifest 04-May-2007 21:41 1,056 Amd64_5f9457f3d9f8eca2d01b54ca2facbe9c_31bf3856ad364e35_6.0.6000.20583_none_b438ab5c7675b7ab.manifest 04-May-2007 21:41 706 Amd64_610da1047926a1167df265885e90328b_31bf3856ad364e35_6.0.6000.16473_none_ee6b07ad60912dba.manifest 04-May-2007 21:41 1,060 Amd64_6399e6d451512a094fd35059c4e62b3c_31bf3856ad364e35_6.0.6000.20591_none_7e07a704251bbc14.manifest 04-May-2007 21:41 708 Amd64_645cd546943a60f21d1a26c9aab9e163_31bf3856ad364e35_6.0.6000.20583_none_7711d66ea6d97186.manifest 04-May-2007 21:41 699 Amd64_668d082ce2f8b621562bab1a6403f813_31bf3856ad364e35_6.0.6000.16473_none_baf0d1e73b139fca.manifest 04-May-2007 21:41 706 Amd64_66c589b899999d009ce8fcae800f89f5_31bf3856ad364e35_6.0.6000.16473_none_32689e7918887b6c.manifest 04-May-2007 21:41 1,070 Amd64_71a5d6f716a7d1462628f29102aeb2a5_31bf3856ad364e35_6.0.6000.16473_none_c63fd93f14663407.manifest 04-May-2007 21:41 1,064 Amd64_7607dbc8d83cb5415168f9e97e200c01_31bf3856ad364e35_6.0.6000.20583_none_812ce6156a88f403.manifest 04-May-2007 21:41 1,070 Amd64_7643aea3509df4ad7a896b7ce9d0c052_31bf3856ad364e35_6.0.6000.16473_none_b437f9dcebb26930.manifest 04-May-2007 21:41 726 Amd64_779201b62cdc8329bb4eb8298ef9adfe_31bf3856ad364e35_6.0.6000.20591_none_20c776ff959baf70.manifest 04-May-2007 21:41 706 Amd64_7ba3e594d2bdcf1c8853293e8fb503cc_31bf3856ad364e35_6.0.6000.20583_none_0dc0291e5119afb1.manifest 04-May-2007 21:41 697 Amd64_7c225912108519a4ed2ab0e951a6451c_31bf3856ad364e35_6.0.6000.20583_none_a953537de55bda7f.manifest 04-May-2007 21:41 1,048 Amd64_8225e3326665b3c008908f9d56d75f76_31bf3856ad364e35_6.0.6000.16473_none_9659ffac35877cb3.manifest 04-May-2007 21:41 704 Amd64_84c4852cf8458a77a749705bda467912_31bf3856ad364e35_6.0.6000.20583_none_f6b288e0eee50af7.manifest 04-May-2007 21:41 1,064 Amd64_8a11e5299eb75374ae7effb120847e54_31bf3856ad364e35_6.0.6000.16473_none_aa43e7790d9bd1ce.manifest 04-May-2007 21:41 1,048 Amd64_a045f9255194a19af573997d92b397b0_31bf3856ad364e35_6.0.6000.20583_none_e860cdc5c20e2824.manifest 04-May-2007 21:41 1,040 Amd64_a0ef025def2e3a1c355f3c645671baf2_31bf3856ad364e35_6.0.6000.16473_none_811911261ad14a1e.manifest 04-May-2007 21:41 699 Amd64_a53a03c90a50570cb7365998625e6cb1_31bf3856ad364e35_6.0.6000.16473_none_28a175ec7c169061.manifest 04-May-2007 21:41 730 Amd64_be7d68797341871be9942dd6a65337d6_31bf3856ad364e35_6.0.6000.16473_none_dee4ec1215e02389.manifest 04-May-2007 21:41 697 Amd64_c4b4f7a455220e8c12f5f7cd5c7971b0_31bf3856ad364e35_6.0.6000.16473_none_6a4564d2a21089a9.manifest 04-May-2007 21:41 728 Amd64_c835b586ddedf6ed111aeb66d60dd75d_31bf3856ad364e35_6.0.6000.20583_none_1c240a4f1f9e429c.manifest 04-May-2007 21:41 730 Amd64_cc5024b0fb336e723da11f0715a21b20_31bf3856ad364e35_6.0.6000.16473_none_6b8e417a4b04c396.manifest 04-May-2007 21:41 697 Amd64_d076b45f36c32aa64010e7b1ceaa02af_31bf3856ad364e35_6.0.6000.20583_none_5ebf043704e8e89d.manifest 04-May-2007 21:41 1,040 Amd64_d3e13a04a904d0b58690c7cb0a75c0e7_31bf3856ad364e35_6.0.6000.20583_none_3ec3b25c78bb90d9.manifest 04-May-2007 21:41 728 Amd64_decd8d41eed065c3104adfa2026b6387_31bf3856ad364e35_6.0.6000.20583_none_bf1c7047d481a620.manifest 04-May-2007 21:41 728 Amd64_e58580c188e1ccd6ae6455cad37f019d_31bf3856ad364e35_6.0.6000.16473_none_0e4e92997610507f.manifest 04-May-2007 21:41 1,048 Amd64_eaad8b3f4f3ff450d4c2df1477c999ea_31bf3856ad364e35_6.0.6000.20583_none_56a886ffb51a6dbf.manifest 04-May-2007 21:41 1,064 Amd64_f5d66ab978d839462ccbc03d4133feef_31bf3856ad364e35_6.0.6000.20583_none_49dd14226bbeb486.manifest 04-May-2007 21:41 1,036 Amd64_fc6257cd403e3b6f33973e1b023ebc6f_31bf3856ad364e35_6.0.6000.20583_none_856993da7872917e.manifest 04-May-2007 21:41 1,060 Amd64_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_05bb0ff5ae3d8383.manifest 04-May-2007 22:02 7,603 Amd64_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_0639dcd4c7633f3e.manifest 04-May-2007 22:02 7,274 Amd64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_0ed2c2579236e0e6.manifest 04-May-2007 22:02 283,526 Amd64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_0f518f36ab5c9ca1.manifest 04-May-2007 22:02 283,526 Amd64_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_e929508c0d45860a.manifest 04-May-2007 22:02 810,403 Amd64_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_e9a81d6b266b41c5.manifest 04-May-2007 22:02 810,403 Amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_5bd89df95d400779.manifest 04-May-2007 22:02 56,676 Amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_5c576ad87665c334.manifest 04-May-2007 22:02 56,676 Amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_5581c0d3272b81cc.manifest 04-May-2007 22:02 9,956 Amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_56008db240513d87.manifest 04-May-2007 22:02 9,627 Amd64_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_969f567e9206fbad.manifest 21-Apr-2007 04:21 42,231 Amd64_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_971e235dab2cb768.manifest 21-Apr-2007 03:40 42,231 Amd64_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_715f17c2cb365801.manifest 21-Apr-2007 04:21 179,945 Amd64_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_71dde4a1e45c13bc.manifest 21-Apr-2007 03:40 179,945 Amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_a21893e2fed1ba87.manifest 04-May-2007 22:02 32,472 Amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_a29760c217f77642.manifest 04-May-2007 22:02 32,143 Amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_6d25ec97dda059f2.manifest 04-May-2007 22:02 928,381 Amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_6da4b976f6c615ad.manifest 04-May-2007 22:02 928,381 Amd64_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_c61b4f491202613c.manifest 21-Apr-2007 04:21 3,502 Amd64_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_c69a1c282b281cf7.manifest 21-Apr-2007 03:40 3,502 Amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_8951aa84d56b765c.manifest 04-May-2007 22:02 126,498 Amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_89d07763ee913217.manifest 04-May-2007 22:02 126,169 Amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_1fc05fa019e63f01.manifest 04-May-2007 22:02 31,638 Amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_203f2c7f330bfabc.manifest 04-May-2007 22:02 31,309 Amd64_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_85e576102096145e.manifest 04-May-2007 22:02 37,911 Amd64_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_866442ef39bbd019.manifest 04-May-2007 22:02 37,911 Amd64_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_be92171b698bfedc.manifest 04-May-2007 22:02 830,034 Amd64_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_bf10e3fa82b1ba97.manifest 04-May-2007 22:02 829,703 Amd64_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_428b839a4d0f5314.manifest 04-May-2007 22:02 10,855 Amd64_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_430a507966350ecf.manifest 04-May-2007 22:02 10,526 Amd64_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_6733b8b68f8a12c6.manifest 04-May-2007 22:02 11,090 Amd64_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_67b28595a8afce81.manifest 04-May-2007 22:02 10,761 Wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_93a654d709cc3857.manifest 04-May-2007 22:02 120,967 Wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_942521b622f1f412.manifest 04-May-2007 22:02 120,967 X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16473_none_a99c7471f5e0124d.manifest 04-May-2007 22:02 7,571 X86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20583_none_aa1b41510f05ce08.manifest 04-May-2007 22:02 7,244 X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16473_none_b2b426d3d9d96fb0.manifest 04-May-2007 22:02 283,492 X86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20583_none_b332f3b2f2ff2b6b.manifest 04-May-2007 22:02 283,492 X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.16473_none_8d0ab50854e814d4.manifest 04-May-2007 22:02 812,318 X86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_6.0.6000.20583_none_8d8981e76e0dd08f.manifest 04-May-2007 22:02 812,318 X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643.manifest 04-May-2007 22:02 56,602 X86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe.manifest 04-May-2007 22:02 56,602 X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_f963254f6ece1096.manifest 04-May-2007 22:02 9,922 X86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_f9e1f22e87f3cc51.manifest 04-May-2007 22:02 9,595 X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.16473_none_3a80bafad9a98a77.manifest 21-Apr-2007 03:06 42,229 X86_microsoft-windows-ie-extcompat_31bf3856ad364e35_6.0.6000.20583_none_3aff87d9f2cf4632.manifest 21-Apr-2007 02:28 42,229 X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.16473_none_15407c3f12d8e6cb.manifest 21-Apr-2007 03:06 179,943 X86_microsoft-windows-ie-htmlactivexcompat_31bf3856ad364e35_6.0.6000.20583_none_15bf491e2bfea286.manifest 21-Apr-2007 02:28 179,943 X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16473_none_45f9f85f46744951.manifest 04-May-2007 22:02 32,438 X86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20583_none_4678c53e5f9a050c.manifest 04-May-2007 22:02 32,111 X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc.manifest 04-May-2007 22:02 928,320 X86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477.manifest 04-May-2007 22:02 928,320 X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.16473_none_69fcb3c559a4f006.manifest 21-Apr-2007 03:06 3,494 X86_microsoft-windows-ie-iebrokers_31bf3856ad364e35_6.0.6000.20583_none_6a7b80a472caabc1.manifest 21-Apr-2007 02:28 3,494 X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_c3a1c41c6188cdcb.manifest 04-May-2007 22:02 31,606 X86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_c42090fb7aae8986.manifest 04-May-2007 22:02 31,279 X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16473_none_29c6da8c6838a328.manifest 04-May-2007 22:02 37,192 X86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20583_none_2a45a76b815e5ee3.manifest 04-May-2007 22:02 37,192 X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16473_none_62737b97b12e8da6.manifest 04-May-2007 22:02 829,928 X86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20583_none_62f24876ca544961.manifest 04-May-2007 22:02 829,599 X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16473_none_e66ce81694b1e1de.manifest 04-May-2007 22:02 10,829 X86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20583_none_e6ebb4f5add79d99.manifest 04-May-2007 22:02 10,502 X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16473_none_0b151d32d72ca190.manifest 04-May-2007 22:02 11,056 X86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20583_none_0b93ea11f0525d4b.manifest 04-May-2007 22:02 10,729 Advpack.dll 7.0.6000.16473 21-Apr-2007 04:06 161,280 Advpack.dll 7.0.6000.20583 21-Apr-2007 03:24 161,280 Urlmon.dll 7.0.6000.16473 21-Apr-2007 04:09 1,418,752 Urlmon.dll 7.0.6000.20583 21-Apr-2007 03:27 1,420,800 Inetcpl.cpl 7.0.6000.16473 21-Apr-2007 04:05 2,025,472 Inetcpl.cpl 7.0.6000.20583 21-Apr-2007 03:25 2,025,472 Jsproxy.dll 7.0.6000.16473 21-Apr-2007 04:07 32,256 Wininet.dll 7.0.6000.16473 21-Apr-2007 04:09 1,019,392 Wininetplugin.dll 1.0.0.1 21-Apr-2007 04:09 93,184 Jsproxy.dll 7.0.6000.20583 21-Apr-2007 03:25 32,256 Wininet.dll 7.0.6000.20583 21-Apr-2007 03:27 1,020,928 Wininetplugin.dll 1.0.0.1 21-Apr-2007 03:27 93,184 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:14 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 04:07 424,448 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:21 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 03:25 424,448 Mshtmled.dll 7.0.6000.16473 21-Apr-2007 04:08 758,784 Mshtmled.dll 7.0.6000.20583 21-Apr-2007 03:25 758,784 Mshtml.dll 7.0.6000.16481 04-May-2007 04:05 5,668,352 Mshtml.tlb 7.0.6000.16481 04-May-2007 00:21 1,383,424 Mshtml.dll 7.0.6000.20591 04-May-2007 03:53 5,669,888 Mshtml.tlb 7.0.6000.20591 04-May-2007 00:17 1,383,424 Ieunatt.exe 7.0.6000.16473 21-Apr-2007 04:06 32,768 Iexplore.exe 7.0.6000.16473 21-Apr-2007 04:06 679,424 Ieunatt.exe 7.0.6000.20583 21-Apr-2007 01:48 32,768 Iexplore.exe 7.0.6000.20583 21-Apr-2007 01:48 679,424 Ie4uinit.exe 7.0.6000.16473 21-Apr-2007 04:06 68,608 Iernonce.dll 7.0.6000.16473 21-Apr-2007 04:07 57,344 Iesetup.dll 7.0.6000.16473 21-Apr-2007 04:07 69,120 Ie4uinit.exe 7.0.6000.20583 21-Apr-2007 01:48 68,608 Iernonce.dll 7.0.6000.20583 21-Apr-2007 03:25 57,344 Iesetup.dll 7.0.6000.20583 21-Apr-2007 03:25 69,120 Iebrshim.dll 6.0.6000.16473 21-Apr-2007 04:07 104,960 Iebrshim.dll 6.0.6000.20583 21-Apr-2007 03:25 104,960 Ieframe.dll 7.0.6000.16473 21-Apr-2007 04:07 7,058,944 Ieui.dll 7.0.6000.16473 21-Apr-2007 04:07 228,352 Ieframe.dll 7.0.6000.20583 21-Apr-2007 03:25 7,059,968 Ieui.dll 7.0.6000.20583 21-Apr-2007 03:25 228,352 Ieinstal.exe 6.0.6000.16473 21-Apr-2007 04:06 260,608 Ieinstal.exe 6.0.6000.20583 21-Apr-2007 01:48 260,608 Ieuser.exe 6.0.6000.16473 21-Apr-2007 04:06 341,504 Ieuser.exe 6.0.6000.20583 21-Apr-2007 01:48 341,504 Ieunatt.exe 7.0.6000.16473 21-Apr-2007 02:46 26,624 Iexplore.exe 7.0.6000.16473 21-Apr-2007 02:46 625,152 Ieunatt.exe 7.0.6000.20583 21-Apr-2007 01:20 26,624 Iexplore.exe 7.0.6000.20583 21-Apr-2007 01:21 625,152 Advpack.dll 7.0.6000.16473 21-Apr-2007 02:47 124,928 Advpack.dll 7.0.6000.20583 21-Apr-2007 02:12 124,928 Urlmon.dll 7.0.6000.16473 21-Apr-2007 02:48 1,152,000 Urlmon.dll 7.0.6000.20583 21-Apr-2007 02:15 1,153,536 Inetcpl.cpl 7.0.6000.16473 21-Apr-2007 02:46 1,824,768 Inetcpl.cpl 7.0.6000.20583 21-Apr-2007 02:13 1,824,256 Jsproxy.dll 7.0.6000.16473 21-Apr-2007 02:47 27,648 Wininet.dll 7.0.6000.16473 21-Apr-2007 02:49 822,784 Wininetplugin.dll 1.0.0.1 21-Apr-2007 02:49 64,512 Jsproxy.dll 7.0.6000.20583 21-Apr-2007 02:13 27,648 Wininet.dll 7.0.6000.20583 21-Apr-2007 02:15 823,808 Wininetplugin.dll 1.0.0.1 21-Apr-2007 02:15 64,512 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:12 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 02:47 383,488 Ieapfltr.dat 7.0.6011.0 11-Apr-2007 23:21 2,455,488 Ieapfltr.dll 7.0.6000.16461 21-Apr-2007 02:13 383,488 Mshtmled.dll 7.0.6000.16473 21-Apr-2007 02:47 477,696 Mshtmled.dll 7.0.6000.20583 21-Apr-2007 02:14 477,696 Mshtml.dll 7.0.6000.16481 04-May-2007 02:55 3,583,488 Mshtml.tlb 7.0.6000.16481 04-May-2007 00:21 1,383,424 Mshtml.dll 7.0.6000.20591 04-May-2007 02:42 3,584,000 Mshtml.tlb 7.0.6000.20591 04-May-2007 00:18 1,383,424 Ie4uinit.exe 7.0.6000.16473 21-Apr-2007 02:46 56,832 Iernonce.dll 7.0.6000.16473 21-Apr-2007 02:47 44,544 Iesetup.dll 7.0.6000.16473 21-Apr-2007 02:47 56,320 Ie4uinit.exe 7.0.6000.20583 21-Apr-2007 01:20 56,832 Iernonce.dll 7.0.6000.20583 21-Apr-2007 02:13 44,544 Iesetup.dll 7.0.6000.20583 21-Apr-2007 02:13 56,320 Iebrshim.dll 6.0.6000.16473 21-Apr-2007 02:47 52,736 Iebrshim.dll 6.0.6000.20583 21-Apr-2007 02:13 52,736 Ieframe.dll 7.0.6000.16473 21-Apr-2007 02:47 6,058,496 Ieui.dll 7.0.6000.16473 21-Apr-2007 02:47 180,736 Ieframe.dll 7.0.6000.20583 21-Apr-2007 02:13 6,059,008 Ieui.dll 7.0.6000.20583 21-Apr-2007 02:13 180,736 Ieinstal.exe 6.0.6000.16473 21-Apr-2007 02:46 250,368 Ieinstal.exe 6.0.6000.20583 21-Apr-2007 01:21 250,368 Ieuser.exe 6.0.6000.16473 21-Apr-2007 02:46 294,912 Ieuser.exe 6.0.6000.20583 21-Apr-2007 01:21 294,912 Note For a complete list of supported versions and editions, see the Support Lifecycle Index. For a complete list of service packs, see Lifecycle Supported Service Packs. For more information on the support lifecycle policy, see Microsoft Support Lifecycle. Top of section Deployment Information Installing the Update When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Windows hotfix. If you have previously installed a hotfix to update one of these files, the installer will apply the LDR version of this update. Otherwise, the installer will apply the GDR version of the update. For more information about this behavior, see Microsoft Knowledge Base Article 824994. For more information about the installer, see Microsoft Knowledge Base Article 934307. For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684. This security update supports the following setup switches. Supported Security Update Installation Switches Switch Description /?, /h, /help Displays help on supported switches. /quiet Suppresses the display of status or error messages. /norestart When combined with /quiet, the system will not be restarted after installation even if a restart is required to complete installation. Note For more information about the installer, see Microsoft Knowledge Base Article 934307. Verifying that the Update Has Been Applied • Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. • File Version Verification Note Because there are several editions of Microsoft Windows, the following steps may be different on your system. If they are, see your product documentation to complete these steps. 1. Click Start and then enter an update file name in Start Search. 2. When the file appears under Programs, right-click on the file name and click Properties. 3. Under the General tab, compare the file size with the file information tables provided earlier in this section. 4. You may also click on the Details tab and compare information, such as file version and date modified, with the file information tables provided earlier in this section. 5. Finally, you may also click on the Previous Versions tab and compare file information for the previous version of the file with the file information for the new, or updated, version of the file. Top of section Top of section Top of section Other Information Acknowledgments Microsoft thanks the following for working with us to help protect customers: • An anonymous researcher working with iDefense VCP for reporting the COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218. • Tom Cross of ISS for working with Microsoft on the COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218. • An anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting the Language Pack Installation Vulnerability - CVE-2007-3027. • Sam Thomas working with TippingPoint and the Zero Day Initiative for reporting the Uninitialized Memory Corruption Vulnerability - CVE-2007-1751. • Will Dorman of CERT/CC for reporting the Speech Control Memory Corruption Vulnerability - CVE-2007-2222. • cocoruder of Fortinet Security Research for working with Microsoft on the Speech Control Memory Corruption Vulnerability - CVE-2007-2222. Top of section Support • Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. • International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site. Top of section Disclaimer The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Top of section Revisions • V1.0 (June 12, 2007): Bulletin published. • V1.1 (June 12, 2007): Bulletin Revised: CVE number corrected for Navigation Cancel Page Spoofing Vulnerability - CVE-2007-1499. • V1.2 (June 13, 2007): Bulletin Revised: Registry Key Verification corrected for Internet Explorer 6 Service Pack 1 on all supported editions of Microsoft Windows 2000 Service Pack 4; Removed duplicate text in Workarounds for COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0218 and Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2007-1751 [***** End Microsoft Security Bulletin (MS07-033) *****] _______________________________________________________________________________ CIAC wishes to acknowledge the contributions of Microsoft for the information contained in this bulletin. _______________________________________________________________________________ CIAC, the Computer Incident Advisory Capability, is the computer security incident response team for the U.S. Department of Energy (DOE) and the emergency backup response team for the National Institutes of Health (NIH). CIAC is located at the Lawrence Livermore National Laboratory in Livermore, California. CIAC is also a founding member of FIRST, the Forum of Incident Response and Security Teams, a global organization established to foster cooperation and coordination among computer security teams worldwide. CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be contacted at: Voice: +1 925-422-8193 (7x24) FAX: +1 925-423-8002 STU-III: +1 925-423-2604 E-mail: ciac@ciac.org Previous CIAC notices, anti-virus software, and other information are available from the CIAC Computer Security Archive. World Wide Web: http://www.ciac.org/ Anonymous FTP: ftp.ciac.org PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing communities receive CIAC bulletins. If you are not part of these communities, please contact your agency's response team to report incidents. Your agency's team will coordinate with CIAC. The Forum of Incident Response and Security Teams (FIRST) is a world-wide organization. A list of FIRST member organizations and their constituencies can be obtained via WWW at http://www.first.org/. This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes. LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC) R-260: Security Vulnerability in Sun Java System Web Server R-261: Security Vulnerabilities in the Java Runtime Environment Image Parsing Code R-262: CREDANT Mobile Guardian Shield Vulnerability R-263: Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) R-264: Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) R-265: HP Sysetm Management Homepage (SMH) Vulnerability R-266: Security Vulnerability in How xscreensaver(1) Interacts with GNOME Assistive Technology R-267: Security Notice for CA Products Implementing the Anti-Virus Engine R-268: Vulnerability in Win 32 API (935839) R-269: Cumulative Security Update for Outlook Express and Windows Mail (929123)