Update for "Javascript Redirect" Vulnerability in Internet Explorer 5

Article translations Article translations
Article ID: 244357
This article was previously published under Q244357
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

Symptoms

Microsoft has made an update available that addresses a potential security issue in which an HTTP redirect to a javascript:url can be used to compromise security. This issue could allow a malicious Web site operator to read files on the local computer, although the intruder would have to know the name and location of the file. The vulnerability does not allow the malicious user to list the contents of folders, create, modify or delete files.

Additional information about this issue is available from the following Microsoft Web sites: Updates are available for the following products:
  • Microsoft Internet Explorer 5.0 for Windows 95
  • Microsoft Internet Explorer 5.0 for Windows NT 4.0 (Alpha and x86)
  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition

Resolution

To obtain this update, download and install the appropriate Q244357.exe file for your computer from the Microsoft site listed below. To navigate to Q244357.exe file, click the link below, and then click Next twice: The English-language version of this fix should have the following file attributes or later:
   File name           Size                Date      Version
   ----------------------------------------------------------------
   Urlmon.dll          442,640 (x86)       10-25-99   5.0.2722.2500
   Urlmon.dll          719,120 (alpha)     10-25-99   5.0.2722.2500
				


Note that if you try to install this update on any version of Internet Explorer other than Internet Explorer 5, you receive a message that says "This update does not need to be installed on this system" when in fact the computer may be vulnerable. For additional information about Internet Explorer 4.01, click the article number below to view the article in the Microsoft Knowledge Base:
244356 Update for "Javascript Redirect" Vulnerability in Internet Explorer 4.01

Status

This issue is fixed in Internet Explorer 5.01.

Properties

Article ID: 244357 - Last Review: October 26, 2013 - Revision: 3.0
Keywords: 
kbnosurvey kbarchive kbprb KB244357

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com