Applies ToWindows Server 2008 Datacenter without Hyper-V Windows Server 2008 Enterprise without Hyper-V Windows Server 2008 for Itanium-Based Systems Windows Server 2008 Standard without Hyper-V Windows Server 2008 Datacenter Windows Server 2008 Enterprise Windows Server 2008 Standard Windows Server 2008 Web Edition Windows Server 2008 R2 Datacenter Windows Server 2008 R2 Enterprise Windows Server 2008 R2 Standard Windows Server 2008 R2 Web Edition Windows Vista Business Windows Vista Enterprise Windows Vista Home Basic Windows Vista Home Premium Windows Vista Ultimate Windows Vista Enterprise 64-bit Edition Windows Vista Home Basic 64-bit Edition Windows Vista Home Premium 64-bit Edition Windows Vista Ultimate 64-bit Edition Windows Vista Business 64-bit Edition

Symptoms

After you install security update 961260 (MS09-002) on a computer that is running Windows Vista or Windows Server 2008, you may experience a problem when you visit some Web pages that are in different Internet Explorer security zones. When the problem occurs, you receive a message that resembles the following:

Navigation to the webpage was canceledThis problem occurs if the navigation causes Protected Mode settings to change from On to Off. You can determine which Internet Explorer security zone a Web page is in by looking at the status bar at the bottom of the Internet Explorer 7 window.

Cause

This problem occurs because Internet Explorer 7 switches Protected Mode settings when certain Web pages are configured in the Trusted Sites area of the Security tab of the Internet Options dialog box. By default, Protected Mode is set to Off for Web sites that are configured in the Trusted Sites area.

Resolution

Security update information

To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current updates, visit the following Microsoft Web site:

http://update.microsoft.comFor more technical information about the most current cumulative security update for Internet Explorer, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/current.aspxNote This update was first included in security update 963027 (MS09-014). For more information, click the following article number to view the article in the Microsoft Knowledge Base:

963027MS09-014: Cumulative security update for Internet ExplorerNote If you previously applied either of the following workarounds that were previously documented in this article, you must remove the specific workaround. Undo workaround method 3: Disable Protected Mode for the "Trusted Sites" zone

  1. Click Start  Start button  , type Internet Options in the Start Search box, and then click Internet Options in the Programs list.

  2. Click the Security tab, and then click Trusted Sites in the Select a zone to view or change security settings area.

  3. Click to clear the Enabled Protected Mode (requires restarting Internet Explorer) check box, and then click OK.

  4. Restart Internet Explorer.

Undo workaround method 4: Edit the registry to disable a Feature Control key that will enable the functionality that was introduced in security update 961260 (MS09-002)To do this, modify the DWORD value that is named iexplore.exe and set its value to 1 in the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL ImportantThis section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756How to back up and restore the registry in Windows

  1. Click Start  Start button  , type regedit in the Start Search box, and then click regedit.exe in the Programs list. User Account Control permission  If you are prompted for an administrator password or confirmation, type your password or click Continue.

  2. Locate and then click the following subkey in the registry:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOLNote If the "FEATURE_RESTRICT_ABOUT_PROTOCOL" subkey does not exist, you do not need to go further because the specific workaround has not bee applied to the computer.

  3. In the details pane, right-click iexplore.exe, and then click Modify.

  4. In the Value data box, type 1, and then click OK.

  5. Exit Registry Editor.

  6. Restart Internet Explorer.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

For more information about security update 961260 (MS09-002), click the following article number to view the article in the Microsoft Knowledge Base:

961260 MS09-002: Cumulative security update for Internet Explorer

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.