Article ID: 324929 - Last Review: February 1, 2007 - Revision: 7.3 MS02-068: December, 2002, Cumulative Patch for Internet ExplorerThis article was previously published under Q324929 Important The December, 2002, Cumulative Patch for Internet Explorer has
been superseded by the February, 2003, Cumulative Patch for Internet Explorer.
For additional information about how to obtain this patch, click
the following article number to view the article in the Microsoft Knowledge
Base: 810847
(http://support.microsoft.com/kb/810847/EN-US/
)
MS03-004: February, 2003, Cumulative Patch for Internet Explorer
On This PageSUMMARY Microsoft has released a cumulative patch for Internet
Explorer. This patch includes updates for the issues that are described in the
following Microsoft Knowledge Base articles:
328970
(http://support.microsoft.com/kb/328970/EN-US/
)
MS02-066: November, 2002, Cumulative Patch for Internet Explorer
323759
(http://support.microsoft.com/kb/323759/EN-US/
)
MS02-047: August 22, 2002, Cumulative Patch for Internet Explorer
321232
(http://support.microsoft.com/kb/321232/EN-US/
)
MS02-023: May 15, 2002, Cumulative Patch for Internet Explorer
319182
(http://support.microsoft.com/kb/319182/EN-US/
)
MS02-015: March 28, 2002, Cumulative Patch for Internet Explorer
316059
(http://support.microsoft.com/kb/316059/EN-US/
)
MS02-005: February 11, 2002, Cumulative Patch for Internet Explorer
This cumulative patch also repairs one additional
flaw in Internet Explorer's cross-domain security model. This flaw occurs
because the security checks that Internet Explorer carries out when particular
object caching techniques are used in Web pages are incomplete. If the security
checks are incomplete, an attacker may be able to run commands on a user's
computer. If an attacker exploits this vulnerability, he or she may be able to run an executable file that was already present on the local computer. The attacker may also be able to load a malicious executable file onto a user's computer or pass parameters to an executable file. However, you can add a registry key setting to restrict shortcuts in HTML Help, which significantly reduces the scope of this vulnerability. This registry key prevents attackers from being able to load a malicious executable file on a user's computer or pass parameters to an executable file. For additional information about this registry key, click the following article number to view the article in the Microsoft Knowledge Base: 810687
(http://support.microsoft.com/kb/810687/EN-US/
)
How to Restrict the Shortcut and
WinHelp Commands in HTML Help
An attacker may be able to exploit the vulnerability
by constructing a Web page that uses a cached programming technique, and then
either hosts this page on a Web site or sends it to a user through e-mail. In
the case of the Web-based attack vector, the page may be automatically opened
when a user visits the site. In the case of the HTML mail-based attack vector,
the page may be opened when the recipient opens the message or views it using
the Preview pane. For additional information about known issues that can occur when you install this update, click the article number below to view the article in the Microsoft Knowledge Base: 325192
(http://support.microsoft.com/kb/325192/EN-US/
)
Issues After You Install Updates to Internet Explorer or Windows
MORE INFORMATION For more information about this patch, visit the following
Microsoft Web site: http://www.microsoft.com/technet/security/bulletin/MS02-068.mspx
(http://www.microsoft.com/technet/security/bulletin/MS02-068.mspx)
Download InformationThe following file is available for download from the Microsoft Download Center:Collapse this image  For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591
(http://support.microsoft.com/kb/119591/EN-US/
)
How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
Installation InformationYou can install the Internet Explorer 6 version of this update on Internet Explorer 6 or on Internet Explorer 6 Service Pack 1 (SP1). For additional information, click the following article number to view the article in the Microsoft Knowledge Base:328548
(http://support.microsoft.com/kb/328548/EN-US/
)
How to Obtain the Latest Service Pack for Internet Explorer 6
To run the Internet Explorer 5.5 version of this
update, you must be running Internet Explorer 5.5 Service Pack 2 (SP2).
For additional information, click
the following article number to view the article in the Microsoft Knowledge
Base: 276369
(http://support.microsoft.com/kb/276369/EN-US/
)
How to Obtain the Latest Service Pack for Internet Explorer 5.5
Warning You must restart your computer after you apply this update.
Note You cannot successfully install this update on Microsoft Windows XP-based computers in non-interactive mode (for example, by using Windows Task Scheduler, Microsoft Systems Management Server, or the IBM Tivoli software). This problem has been corrected in the February, 2003 Cumulative Patch for Internet Explorer. For additional information about how to obtain this patch, click the following article number to view the article in the Microsoft Knowledge Base: 810847
(http://support.microsoft.com/kb/810847/EN-US/
)
MS03-004: February, 2003 Cumulative Patch for Internet Explorer
This package supports the following switches:
file name
/q:a /r:n
WARNING : Your computer is vulnerable until you restart it and log on as
an administrator to complete the installation. File InformationThe English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.The following files are installed in the %Windir%\System32 folder. Internet Explorer 6 with SP1 (32-bit)Date Time Version Size File name --------------------------------------------------------- 10-Oct-2002 21:17 6.0.2800.1126 2,787,840 Mshtml.dll 01-Nov-2002 16:05 6.0.2800.1133 1,338,368 Shdocvw.dll 10-Oct-2002 21:18 6.0.2800.1126 483,328 Urlmon.dll Internet Explorer 6 with SP1 (64-bit)Date Time Version Size File name --------------------------------------------------------- 15-Oct-2002 16:21 6.0.2800.1126 9,064,448 Mshtml.dll 01-Nov-2002 19:57 6.0.2800.1133 3,645,952 Shdocvw.dll 15-Oct-2002 16:26 6.0.2800.1126 1,410,560 Urlmon.dll Internet Explorer 6Date Time Version Size File name -------------------------------------------------------- 15-Oct-2002 17:37 6.0.2722.900 2,764,288 Mshtml.dll 05-Nov-2002 16:03 6.0.2722.900 34,304 Pngfilt.dll 05-Mar-2002 00:09 6.0.2715.400 548,864 Shdoclc.dll 05-Nov-2002 16:01 6.0.2723.100 1,336,320 Shdocvw.dll 05-Nov-2002 16:03 6.0.2715.400 109,568 Url.dll 11-Oct-2002 16:53 6.0.2722.900 481,280 Urlmon.dll Internet Explorer 5.5 with SP2Date Time Version Size File name --------------------------------------------------------- 16-Oct-2002 23:36 5.50.4922.900 2,757,392 Mshtml.dll 17-Oct-2002 00:01 5.50.4922.900 48,912 Pngfilt.dll 04-Nov-2002 14:27 5.50.4923.500 1,149,200 Shdocvw.dll 05-Mar-2002 01:53 5.50.4915.500 84,240 Url.dll 15-Oct-2002 21:41 5.50.4922.900 451,344 Urlmon.dll APPLIES TO
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Back to the top
|
