Some DHTML drag-and-drop operations are blocked after you apply the MS04-038 security updates for Internet Explorer

After you install the MS04-038 (http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx) security updates for Microsoft Internet Explorer, you may experience the following symptoms:

• DHTML drag-and-drop operations are blocked for image elements if the image is not valid.
• DHTML drag-and-drop operations are blocked for anchor elements that include non-HTTP or HTTPS URLs.
• DataTransfer.setData cannot change the URL while dragging the anchor elements and images.

The MS04-038 security updates change the way that Internet Explorer handles DHTML drag-and-drop operations for images and for anchors.

To work around this behavior, use the following methods:

• For image elements, make sure that you use valid images. Valid images have an src attribute or a dynsrc attribute, or both, specified. Also, the value of the src attribute is set to a valid image or the value of the dynsrc attribute is set to a valid video file, or both.
• For anchor elements, use the HTTP URL type or the HTTPS URL type.

This behavior is by design.

Internet Explorer 5 and later versions support DHTML drag-and-drop operations for images, for text strings, or for anchors. For more information about DHTML data transfer, including drag-and-drop operations, visit the following Microsoft Developer Network (MSDN) Web site: