Update Available for the "Malformed Favorites Icon" Issue

Article translations Article translations
Article ID: 231450
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

Summary

NOTE: The update described in this article is included in the more recent update that is described in the following Microsoft Knowledge Base article:
246094 Update Available for Server-side Page Reference Redirect Vulnerability
The update that is described in this article is not required if the update that is described in article 246094 is installed on your computer.

Microsoft has released an update to Internet Explorer 5.0 that addresses a potential security issue with icons from a Web site that are added to your list of Favorites. Internet Explorer 5 includes a feature that permits a Web site administrator to customize the icon used when you add a Web site to your list of favorites. The icon from the Web site could be modified by a malicious Web site administrator in such a way that it would run executable programs on your client computer. For more information about this issue, visit the following Microsoft Web site:

http://www.microsoft.com/TechNet/security/bulletin/ms99-018.asp
Updates are available for the following products:
  • Microsoft Internet Explorer 5 for Windows 95
  • Microsoft Internet Explorer 5 for Windows 98
NOTE: Microsoft Internet Explorer 4.x and earlier versions are not affected by this issue, and this includes any version of Internet Explorer on the following platforms:
  • Microsoft Windows NT
  • Microsoft Windows 3.x
  • Macintosh
  • UNIX on Sun Solaris

More information

This problem in resolved in Internet Explorer 5.01 and later. Microsoft recommends that you upgrade to the latest version of Internet Explorer to resolve this problem. For additional information about how to determine the version of Internet Explorer that is installed on your computer, click the following article number to view the article in the Microsoft Knowledge Base:
164539 How to Determine Which Version of Internet Explorer Is Installed
For additional information about how to obtain the latest version of Internet Explorer 5.5, click the following article number to view the article in the Microsoft Knowledge Base:
267954 How to Obtain the Latest Internet Explorer 5.5 Service Pack
For additional information about how to obtain the latest version of Internet Explorer 6, click the following article number to view the article in the Microsoft Knowledge Base:
328548 How to Obtain the Latest Internet Explorer 6 Service Pack
On December 8, 1999, Microsoft released a patch that resolves this vulnerability and several other vulnerabilities in Internet Explorer 5.0. For additional information about this patch, click the following article number to view the article in the Microsoft Knowledge Base:
246094 Update Available for "Server-Side Page Reference Redirect" Vulnerability
For additional information about the other vulnerabilities that are resolved by this patch, click the following article numbers to view the articles in the Microsoft Knowledge Base:
241361 Update Available for Vulnerabilities in ActiveX Controls Issue
231450 Update Available for the "Malformed Favorites Icon" Issue
231452 Update Available for "Legacy ActiveX Control" Issue
The English version of this fix has the following file attributes or later:
   Updated file name   Size (bytes)   Date      Version 
   ----------------------------------------------------------
   Shdocvw.dll         94,6448        5/21/99   5.0.2717.2000

Properties

Article ID: 231450 - Last Review: June 19, 2014 - Revision: 6.0
Keywords: 
kbnosurvey kbarchive kbenv kbprb KB231450

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com