Microsoft has released security bulletin MS06-061. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users:

How to manually apply the workaround. Specifically, to see this information, expand the Suggested actions section, and then expand the Workaround section. Fix it solution for MSXML version 3, MSXML version 4, or MSXML version 6.

Resolves a security vulnerability that exists in Microsoft XML Core Services that could enable information disclosure.

Microsoft has released security bulletin MS06-061. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users:

If the Msxml4.dll file is locked, the file may not be updated when you apply security update MS06-071 for MSXML 4.0, for MSXML 4.0 SP1, and for MSXML 4.0 SP2. To work around this issue, use the following commands to uninstall Msxml4.dll: MsiExec.exe /uninstall {37477865-A3F1-4772-AD43-AAFC6BCFF99F} /passive.

Describes a problem that occurs when you install SQL Server 2008 on a Windows XP-based or a Windows Server 2003-based computer if you have installed the security update package 954459 for MSXML Core Services 6.0.

Resolves a security vulnerability that exists in Microsoft XML Core Services that could enable information disclosure.

Resolves a security vulnerability in Microsoft XML Core Services that could allow arbitrary code to run when you view a specially crafted webpage by using Internet Explorer.

The file that security update package 927977 for MSXML 6.0 installs is listed in the following table. Resolves a newly discovered, publicly disclosed vulnerability in MSXML 6.0. We recommend that customers apply the update immediately.

Resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page by using Internet Explorer. The vulnerability could be exploited through attacks in XML Core Services.