Update Available For "DHTML Edit" Security Issue

Microsoft has released an update that addresses a potential security issue in the Dynamic Hypertext Markup Language (DHTML) Edit ActiveX control, which is available in Internet Explorer 5 and can be downloaded for Internet Explorer 4.x. Additional information about this issue is available from the following Microsoft Web sites:

NOTE: This problem is resolved in Microsoft Internet Explorer 5.01. Updates are available for the following products:

• Microsoft Internet Explorer 4.0, 4.01 for Windows 95 and Windows NT 4.0 (x86)
• Microsoft Windows 98
• Microsoft Internet Explorer 5 for Windows 95, Windows 98, and Windows NT 4.0 (x86 and Alpha)

This update eliminates a vulnerability in this control that could allow a malicious Web site operator to read information that has been loaded into the control, and it also could allow files with known names to be copied from the local hard disk.

Update Information by Product:

NOTE: If you are using Internet Explorer 4.0 or 4.01, you must install Internet Explorer 4.01 Service Pack 1 or 2 in order to apply this update. You can install Internet Explorer 4.01 Service Pack 2 from the following Microsoft Web site:



Microsoft Internet Explorer 4.01 with Service Pack 1 or 2 for Windows 95 or Windows NT 4.0 x86:

Update File Name: dhtmled4.exe
Availability: http://www.microsoft.com/windows/ie/security (http://www.microsoft.com/windows/ie/security)


Windows 98:

Update File Name: dhtmled4.exe
Availability: http://www.microsoft.com/windows/ie/security (http://www.microsoft.com/windows/ie/security)


Microsoft Internet Explorer 5 for Windows 95, Windows 98, or Windows NT 4.0 x86:

Update File Name: dhtmled5.exe
Availability: http://www.microsoft.com/windows/ie/security (http://www.microsoft.com/windows/ie/security)


Microsoft Internet Explorer 5 for Windows NT 4.0 Alpha:

Update File Name: dhtmled5ax.exe
Availability: http://www.microsoft.com/windows/ie/security (http://www.microsoft.com/windows/ie/security)