MS11-099: Cumulative Security Update for Internet Explorer: December 13, 2011

Applies to: Internet Explorer 9Windows Server 2008 R2 DatacenterWindows Server 2008 R2 Enterprise

The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, go to the following Microsoft website: For more technical information about the most current cumulative security update for Internet Explorer, go to the following Microsoft website:


Microsoft has released security bulletin MS11-099. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues with this security update

After you install this security update, you may experience the following issue:
  • Symptoms

    On certain websites, when you use the Select All option in the shortcut menu, or you press Ctrl+A to select all content, and then you try to paste the content into a webpage in Internet Explorer, nothing happens. The content is not pasted. For example, the issue may occur when you try to paste the content into an message or an Outlook Web Access (OWA) message. 

    This issue may occur only on some websites. This issue occurs only when you paste into Internet Explorer. This issue does not occur when you copy from Internet Explorer and then paste into other applications such as Microsoft Word or Microsoft Outlook.


    This issue occurs if the webpage contains a script tag, an object tag, or an embed tag that appears after the body tag.


    To work around this issue in Internet Explorer, use the mouse instead of the Select All option or Ctrl+A to select the text that you want to copy. Try to copy only the section of content that you need instead of selecting all the content.

Non-security-related fixes that are included in this security update

General distribution release (GDR) fixes

Individual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.

Article numberArticle title
2624899 FIX: You cannot close the EMC window on a computer that has Internet Explorer 9 installed
2628551 A custom MIME filter is disabled and not invoked in Internet Explorer 9
2628724 FIX: Some drop-down lists and combo boxes do not appear in Internet Explorer 7 after you install security update 2586448
2629739 A Visual Basic 6 application cannot receive events from a frame in a different domain
2631938 Authentication may be unsuccessful when you use Internet Explorer 9 to visit a secure website that requires client-side certificates
2632022 RSS feeds may not be displayed when you disable the page zooming feature in Internet Explorer 8 or in Internet Explorer 9
2633097 FIX: The pointer icon image becomes stuck when a webpage uses the jQuery UI Library to implement the drag-and-drop feature in Internet Explorer 9
2633335 Surrogate pair characters are not handled as expected in an input box in Internet Explorer 9
2633346 A webpage that you open in a new window or tab opens with a previous zoom level in Internet Explorer 8
2633863 A Group Policy setting to prevent the tabs from closing does not work in Internet Explorer 9
2633864 A webpage or an ActiveX control that is hosted on a webpage may stop receiving the focus intermittently in Internet Explorer 9
2634434 You cannot save a downloaded file to an offline redirected location in Windows Internet Explorer 9
2635490 Internet Explorer 9 may crash when you revisit a webpage and use AutoComplete
2635543 The "Pop-up allow list" option in Group Policy for Internet Explorer 9 does not work as expected
2637344 An ActiveX control in Internet Explorer can no longer access the data that was provided by a DATA attribute after you install the update in security advisory 2562937
2639263 Internet Explorer Privacy Policy dialog box is blank for P3P privacy policy websites
2643119 Internet Explorer 9 may display attribute content as part of a webpage in which some HTML elements contain many attributes


Security update 2618444 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 2618444 installs the GDR files.

Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems.

These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. For more information about how to install the hotfixes that are included in security update 2618444, click the following article number to view the article in the Microsoft Knowledge Base:
897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer

Note In addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix.

For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base:
824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages


For a list of files that are provided within these packages, click the following link:

How to determine whether you are running a 32-bit or a 64-bit edition of Windows

If you are not sure which version of Windows that you are running or whether it is a 32-bit version or 64-bit version, open System Information (Msinfo32.exe), and review the value that is listed for System Type. To do this, follow these steps:
  1. Click Start, and then click Run, or click Start Search.
  2. Type msinfo32.exe, and then press Enter.
  3. In System Information, review the value for System Type.
    • For 32-bit editions of Windows, the System Type value is x86-based PC.
    • For 64-bit editions of Windows, the System Type value is x64-based PC.
For more information about how to determine whether you are running a 32-bit or 64-bit edition of Windows, click the following article number to view the article in the Microsoft Knowledge Base:
827218 How to determine whether a computer is running a 32-bit version or a 64-bit version of the Windows operating system