MS10-018: Cumulative security update for Internet Explorer

The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, visit the following Microsoft website:For more technical information about the most current cumulative security update for Internet Explorer, visit the following Microsoft website:

INTRODUCTION

Microsoft has released security bulletin MS10-018. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update


Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Two Fix it solutions are available:



  • Fix it solution for peer factory in iepeers.dll An application compatibility database was created that disabled peer factory in the iepeers.dll binary for supported versions of Internet Explorer on Windows XP and Windows Server 2003.

    To remove this application compatibility database and to restore the original settings, click the Fix it button in the "Fix it solution for peer factory in iepeers.dll" section.
  • Fix it solution for Data Execution Prevention

    We have created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer that support DEP. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.



    To install this application compatibility database, click the Fix it button in the "Fix it solution for Data Execution Prevention" section.

Fix it solution for peer factory in iepeers.dll

To reverse the “Disable peer factory in iepeers.dll” workaround that is provided in Microsoft Security Advisory 980182 for supported versions of Windows XP and Windows Server 2003, and to restore the original settings, click the Fix this problem link under the "Disable this fix" heading. Then, click Run in the File Download dialog box and follow the steps in the wizard.


Notes
  • This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
  • If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD, and then you can run it on the computer that has the problem.

Fix it solution for Data Execution Prevention

To enable or disable DEP automatically, click the
Fix itbutton or link. Click
Runin the
File Downloaddialog box, and then follow the steps in the Fix it wizard.
Enable the application compatibility databaseDisable the application compatibility database
Notes
  • If you decide not to install the current security update, and you instead choose to use the workaround that is described in MS10-018, you can click the Fix it button to enable or disable DEP. Then, click Run in the File Download dialog box and follow the steps in the wizard.
  • These wizards may be in English only. However, the automatic fixes also work for other language versions of Windows.
  • If you are not on the computer that has the problem, save the Fix it solutions to a flash drive or a CD and then run it on the computer that has the problem.
  • These wizards do not apply to Windows 2000-based operating systems because Windows 2000 does not support DEP.
  • For this workaround to be effective, your processor must support Hardware-enforced DEP. For more information about how to determine whether your system supports Hardware-enforced DEP click the following article number to view the article in the Microsoft Knowledge Base:

    912923 How to determine that hardware DEP is available and configured on your computer

Known issues with this security update

Non-security-related fixes that are included in this security update

General distribution release (GDR) fixes

Individual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.

Article numberArticle title
975623 A memory leak occurs when the InnerHTML property of an element is updated repeatedly in Internet Explorer 8
974895 Colors are not displayed correctly when you view a JPEG image in Internet Explorer 8
974537 Part of a pop-up window appears off-screen in Internet Explorer 8
972551 You cannot select a drop-down list in a modal dialog box in Internet Explorer 8 after you set the document.domain property
957588 Internet Explorer 6 may crash randomly when you browse some Web sites that display a PNG file on a Windows Server 2003-based computer
974322 "Operation aborted" error message when you open a Web page that uses the appendChild method in Internet Explorer 8 or in Internet Explorer 7
979887 Error message when you view a Web page in Internet Explorer 8: "Unexpected call to method or property access"
979896 Table column width shrinks when you use the table-layout:fixed attribute in Internet Explorer 8
979926 The history.length value is calculated incorrectly in Internet Explorer 8 when the Automatic Crash Recovery feature is enabled
979942 The option to select an alternative file source does not display when you use Internet Explorer 8 to view a PDF document that contains an embedded media
979954 The Window.focus method does not work in Internet Explorer 8
979960 Internet Explorer 8 stops responding after the DllRegisterServer function takes more than five minutes to respond
979964 The taskbar is displayed as blank when you run Internet Explorer 7 after you install security update 976325 (MS09-072)
980073 Focus is lost when the Print Picture option is selected in Internet Explorer 8
980344 Internet Explorer 8 may crash intermittently if you enable the SmartScreen Filter after you install security update 976325
980025 The selected item moves out of view in a drop-down list in Excel Web Access on a computer that has Internet Explorer 8 installed
971257 Formatted content that is copied and then pasted from a RTF document is not displayed correctly on a computer that is running a 64-bit version of Windows
979898 A text block moves together with the mouse pointer when you click the LEFT ARROW key or the RIGHT ARROW key in a Microsoft SharePoint Web application in Internet Explorer 8
973535 A Web page is not displayed correctly in Internet Explorer 8 on a computer that is running Windows Vista

Hotfixes

Security update 980182 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 980182 installs the GDR files.

Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems.

These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. For more information about how to install the hotfixes that are included in security update 980182, click the following article number to view the article in the Microsoft Knowledge Base:
897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer

NoteIn addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix.

For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base:
824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages

FILE INFORMATION

ERROR: PhantomJS timeout occurred