This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS05-020. This security bulletin contains all the relevant information about the security update. The bulletin includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites:
Security update 890923 includes the cumulative security fixes that are documented in Microsoft security bulletin MS05-020. The update also includes hotfixes for Microsoft Internet Explorer that have been released after the release of the MS04-004 and MS04-025 security bulletins.
The installer verifies whether one or more of the files that are being updated on the computer have previously been updated by a Microsoft hotfix. However, the installer detects only hotfixes that were released after security bulletin MS04-038, update rollup 873377, or update rollup 889669. Therefore, if you have a computer that has update rollup 873377, update rollup 889669, or a hotfix that was released after update rollup 873377, the installer automatically installs the hotfixes together with security update 890923. However, if the computer does not have update rollup 873377, update rollup 889669, or a hotfix that was released after security bulletin MS04-038, and you want to install the hotfixes included in cumulative security update 890923, you must follow the instructions in Microsoft Knowledge Base article 897225. Otherwise, your hotfixes will be removed.
897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1
List of software updates that are included in all the security update 890923 packages
332184 HTTP headers are displayed on the server upload Web page
886184 FIX: You receive an "Access is denied" error message when you open a Web page that runs a script in a frameset in Internet Explorer 6
889407 You receive an "Access is denied" error message when you open a Web page that runs a script in a frameset in Internet Explorer 6
892049 FIX: Internet Explorer 6.0 S892049 does not display the shortcut menu for an ActiveX control in Windows XP Service Pack 2
890207 FIX: The submit action does not execute in an Adobe Acrobat 6.0 PDF file that is hosted in an Internet Explorer 6.0 Service Pack 1 frame window
892052 FIX: Internet Explorer may unexpectedly quit with an error message in module Mshtml.dll when you try to locate a Web page in Windows XP Service Pack 2
884838 You receive a "Microsoft Internet Explorer has encountered a problem and needs to close." error message when two pop-up windows appear at the same time in Internet Explorer 6 Service Pack 1
890215 Applications that use the WinINet API may not respond to a server as expected when you use Internet Explorer 6
894926 After you install security update 867282 that is included with Security Bulletin MS05-014, Internet Explorer crashes when you copy images from Web sites that use the <input type=image> tag
890327 You receive an error message when you try to upload an HTML document to http://validator.w3.org
In Microsoft Windows XP Service Pack 2 and Microsoft Windows Server 2003 Service Pack 1, the Add or Remove Programs item in Control Panel lists software updates. Add or Remove Programs lists software updates under the name of the product that they update. In Windows XP Service Pack 2, Add or Remove Programs will list this update under Windows XP – Software Updates. In Windows XP Service Pack 2, Add or Remove Programs will not show Installed On for this software update. Therefore, this software update does not show up in the order of installation. Instead, this software update shows at the top of the Windows XP – Software Updates list.
Microsoft Baseline Security Analyzer (MBSA) is the scanning tool that is used by Microsoft Systems Management Server (SMS). MBSA can detect computers that require the security updates that are documented in Microsoft security bulletin MS05-020. However, MBSA cannot provide SMS with the information that is required to download and to deploy the appropriate MS05-020 security update packages for computers that are running the following software:
Internet Explorer 6 Service Pack 1 for Microsoft Windows NT 4.0
Internet Explorer 6 Service Pack 1 for Microsoft Windows 2000
Microsoft Windows XP
To resolve this problem, you can download an SMS deployment package from the Microsoft Download Center.
For more information about how to obtain and use the SMS deployment package, click the following article number to view the article in the Microsoft Knowledge Base:
896162 Systems Management Server deployment packages are available that include security update MS05-020 for Internet Explorer 6 Service Pack 1
In some Windows Media High Definition Video (WMV HD) DVDs, a chapter does not play when you click it in Microsoft Windows Media Player after you install this security update.
For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
884487 A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000