MS11-099: Cumulative Security Update for Internet Explorer: December 13, 2011
The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, go to the following Microsoft website:
Microsoft has released security bulletin MS11-099. To view the complete security bulletin, go to one of the following Microsoft websites:
- Home users:Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
- IT professionals:
How to obtain help and support for this security updateHelp installing updates: Support for Microsoft Update
Security solutions for IT professionals: TechNet Security Troubleshooting and Support
Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center
Local support according to your country: International Support
Known issues with this security updateAfter you install this security update, you may experience the following issue:
On certain websites, when you use the Select All option in the shortcut menu, or you press Ctrl+A to select all content, and then you try to paste the content into a webpage in Internet Explorer, nothing happens. The content is not pasted. For example, the issue may occur when you try to paste the content into an Outlook.com message or an Outlook Web Access (OWA) message.
This issue may occur only on some websites. This issue occurs only when you paste into Internet Explorer. This issue does not occur when you copy from Internet Explorer and then paste into other applications such as Microsoft Word or Microsoft Outlook.
This issue occurs if the webpage contains a script tag, an object tag, or an embed tag that appears after the body tag.
To work around this issue in Internet Explorer, use the mouse instead of the Select All option or Ctrl+A to select the text that you want to copy. Try to copy only the section of content that you need instead of selecting all the content.
Non-security-related fixes that are included in this security update
General distribution release (GDR) fixesIndividual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.
|Article number||Article title|
|2624899||FIX: You cannot close the EMC window on a computer that has Internet Explorer 9 installed|
|2628551||A custom MIME filter is disabled and not invoked in Internet Explorer 9|
|2628724||FIX: Some drop-down lists and combo boxes do not appear in Internet Explorer 7 after you install security update 2586448|
|2629739||A Visual Basic 6 application cannot receive events from a frame in a different domain|
|2631938||Authentication may be unsuccessful when you use Internet Explorer 9 to visit a secure website that requires client-side certificates|
|2632022||RSS feeds may not be displayed when you disable the page zooming feature in Internet Explorer 8 or in Internet Explorer 9|
|2633097||FIX: The pointer icon image becomes stuck when a webpage uses the jQuery UI Library to implement the drag-and-drop feature in Internet Explorer 9|
|2633335||Surrogate pair characters are not handled as expected in an input box in Internet Explorer 9|
|2633346||A webpage that you open in a new window or tab opens with a previous zoom level in Internet Explorer 8|
|2633863||A Group Policy setting to prevent the tabs from closing does not work in Internet Explorer 9|
|2633864||A webpage or an ActiveX control that is hosted on a webpage may stop receiving the focus intermittently in Internet Explorer 9|
|2634434||You cannot save a downloaded file to an offline redirected location in Windows Internet Explorer 9|
|2635490||Internet Explorer 9 may crash when you revisit a webpage and use AutoComplete|
|2635543||The "Pop-up allow list" option in Group Policy for Internet Explorer 9 does not work as expected|
|2637344||An ActiveX control in Internet Explorer can no longer access the data that was provided by a DATA attribute after you install the update in security advisory 2562937|
|2643119||Internet Explorer 9 may display attribute content as part of a webpage in which some HTML elements contain many attributes|
HotfixesSecurity update 2618444 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 2618444 installs the GDR files.
Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems.
These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. For more information about how to install the hotfixes that are included in security update 2618444, click the following article number to view the article in the Microsoft Knowledge Base:
897225How to install hotfixes that are included in cumulative security updates for Internet Explorer
Note In addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix.
For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base:
824994Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages
For a list of files that are provided within these packages, click the following link:
How to determine whether you are running a 32-bit or a 64-bit edition of WindowsIf you are not sure which version of Windows that you are running or whether it is a 32-bit version or 64-bit version, open System Information (Msinfo32.exe), and review the value that is listed for System Type.To do this, follow these steps:
- Click Start, and then click Run, or click Start Search.
- Type msinfo32.exe, and then press Enter.
- In System Information, review the value for System Type.
- For 32-bit editions of Windows, the System Type value is x86-based PC.
- For 64-bit editions of Windows, the System Type value is x64-based PC.
827218How to determine whether a computer is running a 32-bit version or a 64-bit version of the Windows operating system
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Article ID: 2618444 - Last Review: 09/09/2013 17:21:00 - Revision: 7.0
Windows Internet Explorer 9, Windows Internet Explorer 8, Windows Internet Explorer 7, Microsoft Internet Explorer 6.0
- atdownload kbbug kbexpertiseinter kbfix kbpubtypekc kbqfe kbsecbulletin kbsecurity kbsecvulnerability KB2618444