Security Patches for Internet Explorer

Last reviewed: February 23, 1998
Article ID: Q176697
The information in this article applies to:
SUMMARY

This article describes the following security issues in Internet Explorer:

   ARTICLE-ID: Q177485
   TITLE     : Microsoft Internet Explorer 4.01 Available

MORE INFORMATION
MK Overrun Issue

Microsoft has posted a fix to protect Internet Explorer customers against a potential problem known as the MK Overrun issue. This issue can cause Internet Explorer 4.0 or 4.01 to stop responding (hang) when a malicious Web site uses a "mk://" Web address that contains more characters than Internet Explorer supports. These extra characters could form a malicious executable file that could be run on your computer. This issue was originally reported on the following Web site:
   http://l0pht.com/advisories.html

This issue affects customers who use the following products:
NOTE: Microsoft Windows 3.1, Microsoft Windows NT 3.5, Macintosh, and Unix versions of Internet Explorer are not affected by this issue. The patches will eventually be available in several languages. For additional information (or to download the patch), please see the following Microsoft Web site:
   http://www.microsoft.com/ie/security/?/ie/security/mk.htm

The MK Overrun patch updates the Urlmon.dll file in the Windows\System or Winnt\System32 folder to the following size, date, and version:
   Browser Platform   Size (in bytes)   Date      Version
   ----------------------------------------------------------
   Windows 95         483,600           1/15/98   4.72.2915.0
   Windows NT 4.0     484,112           1/15/98   4.72.2915.0

To uninstall this patch, extract the original Urlmon.dll file from the Internet Explorer 4.0 or 4.01 Ie4_s3.cab cabinet file.
Page Redirect Issue

When you connect to a Web site that requires user authentication information (name and password), and the Web site redirects you to another Web site, your authentication information may be captured by the second Web site.

NOTE: Microsoft has received no reports of any Internet Explorer user being affected by this problem to date.

Internet Explorer 3.02 users should download the Redir302.exe patch. Internet Explorer 4.0 users should download the Redir40.exe patch.

Microsoft has confirmed this to be a problem in Internet Explorer versions 3.02 and 4.0 for Windows 95 and Windows NT 4.0, and has provided a patch that fixes the problem.

NOTE: The Page Redirect issue does not affect Internet Explorer for Windows 3.1, Windows NT 3.51, or Macintosh. It does affect Platform Preview 1 of Internet Explorer 4.0 for UNIX on Sun Solaris. Note that Microsoft recommends using preview versions for evaluation purposes only and will fix this issue in the final version of Internet Explorer 4.0 for UNIX on Sun Solaris. In the meantime, we recommend that Platform Preview 1 of Internet Explorer 4.0 for UNIX on Sun Solaris users do not enter their authentication information at Web sites.

When you install this patch, the Wininet.dll file in the Windows\System folder (in Windows 95) or Winnt\System32 folder (in Windows NT) is updated as follows:
   Browser                  Version       Size      Date
   ----------------------------------------------------------------
   Internet Explorer 3.02   4.70.1323     300,816   11/03/97 11:32a
   Internet Explorer 4.0    4.71.2113.0   368,400   11/14/97 11:19a

Buffer Overrun Issue

A malicious Web page author could create a Web page with a link containing the "res://" URL type using more characters than the "res://" URL type was designed to support (256 characters). When you navigate to such a link, the characters beyond the first 256 could contain malicious code that could be executed on your computer.

Microsoft has confirmed this to be a problem in Internet Explorer version 4.0 for Windows 95, and has provided a patch that fixes the problem. Note that this problem does not affect Windows NT, Windows 3.1, or Macintosh users of Internet Explorer 4.0, or any other versions of Internet Explorer.

When you install this patch, the Mshtml.dll file is updated to version 4.71.2110.0 (2,408,208 bytes, last modified on 11/10/97) on Windows 95 only.
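
The overrun class described in the MK Overrun and Buffer Overrun sections, shown as an added example that is not Microsoft's code or taken from this article: an unchecked copy of a link into a fixed-size buffer beside a form that validates scheme and length first. The function names are hypothetical, the sample links are constructed, and applying the 256-character limit to the whole URL string is an assumption; the article states no limit for "mk://", so only "res://" is modeled.

```c
#include <stdio.h>
#include <string.h>

#define RES_PREFIX "res://"
#define RES_MAX 256   /* limit the article gives for res:// links; applying
                         it to the whole URL string is an assumption */

/* Unchecked form, the bug class the article describes: the destination
   holds RES_MAX characters, but strcpy copies however long the link is. */
void res_copy_unchecked(char *dst, const char *url) {
    strcpy(dst, url);   /* writes past dst when strlen(url) > RES_MAX */
}

/* Checked form: validate scheme and length before copying anything.
   Returns 0 on success, -1 for a non-res:// URL, -2 if it is too long. */
int res_copy_checked(char *dst, size_t dst_size, const char *url) {
    size_t len;
    if (strncmp(url, RES_PREFIX, strlen(RES_PREFIX)) != 0)
        return -1;
    len = strlen(url);
    if (len > RES_MAX || len >= dst_size)
        return -2;
    memcpy(dst, url, len + 1);   /* len + 1 includes the terminating NUL */
    return 0;
}

/* Constructed sample input: "res://" padded with filler to total_len
   characters. out must hold total_len + 1 bytes; total_len >= 6. */
void make_res_url(char *out, size_t total_len) {
    memset(out, 'A', total_len);
    memcpy(out, RES_PREFIX, strlen(RES_PREFIX));
    out[total_len] = '\0';
}

int main(void) {
    char buf[RES_MAX + 1], url[512];
    make_res_url(url, 300);      /* longer than the handler supports */
    printf("300-char link -> %d\n", res_copy_checked(buf, sizeof buf, url));
    make_res_url(url, 40);
    printf("40-char link  -> %d\n", res_copy_checked(buf, sizeof buf, url));
    return 0;
}
```

The checked form rejects the overlong link before any byte is written, so the destination buffer is never touched on failure.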
"Freiburg" Text-Viewing Issue

Microsoft has released a patch for Internet Explorer 4.0 for Windows 95 and Windows NT 4.0 to protect your computer against a potential problem with Internet Explorer 4.0 known as the "Freiburg" text-viewing issue.

NOTE: The Windows 95 version of this patch is no longer available on Microsoft's Web site. The "Freiburg" patch is included in the Buffer Overrun patch for Windows 95 only.

When you install this patch, the Mshtml.dll file is updated to version 4.71.2016.0.

NOTE: The version number reported when you click About Internet Explorer on the Help menu (version 4.71.1712.6) and the Internet Explorer 4.0 user agent string (Mozilla/4.0 [compatible; MSIE4.0;Window 95]) are unchanged for this patch.

The potential problem exposed by the "Freiburg" text-viewing issue could allow a malicious Web site to obtain the contents of a text, Hypertext Markup Language (HTML), or graphics file from your hard disk. The file obtained cannot be damaged or manipulated on your computer, but it can be viewed.

A malicious person could create a Web page that is intentionally designed to exploit the "Freiburg" text-viewing issue. The Web page must be specifically designed to use the exact name and location of a text, HTML, or graphics file on your hard disk. Even if the exact name and location of a file is used, the Web site cannot destroy or tamper with any data, and data cannot be obtained from files other than text, HTML, or graphics files.

To protect your computer against this problem, disable scripting for unfamiliar Web sites by using the security zones feature of Internet Explorer 4.0. Network administrators can also use security zones to prevent this problem from occurring on their intranet. To disable scripting for unfamiliar Web sites, follow these steps in Internet Explorer:
   ARTICLE-ID: Q174360
   TITLE     : How to Use Security Zones in Internet Explorer 4.0
Additional query words: 4.00 4.01 iframe jscript java update fix frieberg
© 1998 Microsoft Corporation. All rights reserved.