MS10-002: Cumulative security update for Internet Explorer

The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, visit the following Microsoft Web site:
For more technical information about the most current cumulative security update for Internet Explorer, visit the following Microsoft Web site:

INTRODUCTION

Microsoft has released security bulletin MS10-002. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update


Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

We have also created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.

To install the application compatibility database, click the Fix it button in the "Fix it for me" section.

Fix it for me

To enable or disable DEP automatically, click the
Fix itbutton or link. Click
Runin the
File Downloaddialog box, and then follow the steps in the Fix it wizard.
Enable Application Compatibility DatabaseDisable Application Compatibility Database
Notes
  • These wizards may be in English only; however, the automatic fixes also work for other language versions of Windows.
  • If you are not on the computer that has the problem, save the Fix it solutions to a flash drive or a CD and then run it on the computer that has the problem.
  • These wizards do not apply to Windows 2000-based operating systems because Windows 2000 does not support DEP.
  • If you decide not to install the current security update, and you instead choose to use the workaround that is described in MS10-002, you can click the Fix it button to enable or disable DEP. Then, you can click Run in the File Download dialog box and follow the steps in the Fix it wizard.

Known issues with this security update

Non-security-related fixes that are included in this security update

General distribution release (GDR) fixes

Individual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.

Article numberArticle title
888092 You may receive an error message in module Mshtml.dll and Internet Explorer quits when you run a custom Web program in Internet Explorer 6
968933 After you append new characters in an HTML page text area in Internet Explorer 7, the original characters in the text area are replaced with the new characters
971447 The SetCursorPos function does not move the pointer to the link that receives keyboard focus in Internet Explorer 8 on Windows Vista and on Windows Server 2008
971448 You cannot resize the frames in a nested frameset when you open a Web page in Internet Explorer 8
973528 The "window.focus" and "window.blur" methods do not set the focus on a new window in Internet Explorer 8 if the window was created by another Iexplorer.exe process
973529 Automatic configuration does not work in Internet Explorer 8
973533 Text takes a long time to appear on the screen when you type inside a TEXTAREA element in a Web page in Internet Explorer 8 Standards mode
973534 Internet Explorer 8 crashes when you click an element that uses expressions in cascading style sheets
973536 Internet Explorer 8 is slow to load a Web page that contains the BASE tag
973538 You cannot print a page and you receive an error message in an application that hosts a WebOC that uses a custom print template in Internet Explorer 8
975169 The application that hosts a WebBrowser control crashes when you use a custom MIME filter on a computer that has Internet Explorer installed
975170 Tables are displayed incorrectly in HTML pages in Internet Explorer 8
975624 User's data in local storage is occasionally lost in Internet Explorer 8
976104 You cannot upload a large file to the Microsoft Azure portal in Internet Explorer 8 on a computer that is running Windows Server 2008
978722 A VPN client computer that has security update 974455 or 976325 installed stops responding when you access compressed content by using the computer
978723 Internet Explorer 8 opens a URL that links to a Microsoft Office file from the Temporary Internet Files folder
978724 Windows Internet Explorer 8 crashes when you try to remove some add-ons by using the Manage Add-ons dialog box
978725 The Window.open method in a WebBrowser control application returns NULL in Internet Explorer 8
978729 The Back button and the Forward button in Windows Internet Explorer 8 do not work correctly
979665 Error message in Mshtml.dll occurs when you use Windows Internet Explorer 8 on a computer that is running Windows 7: "Event ID: 1000"
979666 The cookie information for a domain is not displayed correctly in Windows Internet Explorer 8
979667 A table that contains a People Picker control is not pasted correctly in Microsoft Office InfoPath 2007
979672 A hyperlink in a 64-bit application starts a 64-bit version of Internet Explorer 8

Hotfixes

Security update 978207 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 978207 installs the GDR files.

Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems.

These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. For more information about how to install the hotfixes that are included in security update 978207, click the following article number to view the article in the Microsoft Knowledge Base:
897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer

NoteIn addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix.

For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base:
824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages

FILE INFORMATION

ERROR: PhantomJS timeout occurred