Update Available for Cross-Frame Security Issue (168485)
The information in this article applies to:
- Microsoft Internet Explorer 1.0 for Windows 95
- Microsoft Internet Explorer 2.0 for Windows 95
- Microsoft Internet Explorer 3.0 for Windows 95
- Microsoft Internet Explorer 3.01 for Windows 95
- Microsoft Internet Explorer 3.02 for Windows 95
- Microsoft Internet Explorer 4.0 for Windows 95
- Microsoft Internet Explorer 4.01 for Windows 95
- Microsoft Internet Explorer 5.0 for Windows 95
- Microsoft Internet Explorer 5.01 for Windows 95
- Microsoft Internet Explorer 5.5 for Windows 95
- Microsoft Internet Explorer 3.x for Windows 95
- Microsoft Internet Explorer 4.x for Windows 95
- Microsoft Internet Explorer 2.0 for Windows NT 4.0
- Microsoft Internet Explorer 3.0 for Windows NT 4.0
- Microsoft Internet Explorer 3.01 for Windows NT 4.0
- Microsoft Internet Explorer 3.02 for Windows NT 4.0
- Microsoft Internet Explorer 4.0 for Windows NT 4.0
- Microsoft Internet Explorer 4.01 for Windows NT 4.0
- Microsoft Internet Explorer 5.0 for Windows NT 4.0
- Microsoft Internet Explorer 5.01 for Windows NT 4.0
- Microsoft Internet Explorer 5.5 for Windows NT 4.0
- the operating system: Microsoft Windows 98
- Microsoft Internet Explorer 2.0 for Macintosh
- Microsoft Internet Explorer 2.1 for Macintosh
- Microsoft Internet Explorer 3.0 for Macintosh
- Microsoft Internet Explorer 4.0 for Macintosh
- Microsoft Internet Explorer 4.01 for Macintosh
- Microsoft Internet Explorer 4.5 for Macintosh
- Microsoft Internet Explorer 5.0 for Macintosh
- Microsoft Internet Explorer 3.01a for Macintosh
- Microsoft Internet Explorer 3.0a for Macintosh
- Microsoft Internet Explorer 2.0 for Windows 3.1
- Microsoft Internet Explorer 2.01 for Windows 3.1
- Microsoft Internet Explorer 2.1 for Windows 3.1
- Microsoft Internet Explorer 3.0 for Windows 3.1
- Microsoft Internet Explorer 3.01 for Windows 3.1
- Microsoft Internet Explorer 3.03 for Windows 3.1
- Microsoft Internet Explorer 4.0 for Windows 3.1
- Microsoft Internet Explorer 4.01 for Windows 3.1
- Microsoft Internet Explorer 4.5 for Windows 3.1
- Microsoft Internet Explorer 5.0 for Windows 3.1
- Microsoft Internet Explorer 3.02a for Windows 3.1
- Microsoft Internet Explorer 1.5 for Windows NT 3.51
- Microsoft Internet Explorer 2.0 for Windows NT 3.51
- Microsoft Internet Explorer 3.0 for Windows NT 3.51
- Microsoft Internet Explorer 3.01 for Windows NT 3.51
- Microsoft Internet Explorer 3.03 for Windows NT 3.51
- Microsoft Internet Explorer 4.0 for Windows NT 3.51
- Microsoft Internet Explorer 4.01 for Windows NT 3.51
- Microsoft Internet Explorer 4.5 for Windows NT 3.51
- Microsoft Internet Explorer 5.0 for Windows NT 3.51
- Microsoft Internet Explorer 3.02a for Windows NT 3.51
This article was previously published under Q168485 SUMMARY
Microsoft has released an update that addresses a potential security issue
with the implementation of cross-frame security in Microsoft Internet
Explorer. Additional information about this issue is available from the
following Microsoft Web sites:
Updates are available for the following products:
- Microsoft Internet Explorer 4.01 for Windows 95 and Windows NT 4.0
(x86 and Alpha)
- Microsoft Windows 98
- Microsoft Internet Explorer 4.01 for Windows 3.1 and Windows NT 3.51
- Microsoft Internet Explorer 4.01 for Macintosh
This issue may enable a malicious Web site administrator to read files
from a remote computer by circumventing the safeguards that Microsoft has
implemented with regard to scripts interacting with other instances of
Internet Explorer. Note that Microsoft has not received reports of adverse
effects due to this issue.
MORE INFORMATION
Update Information by Product:
NOTE: If you are using Internet Explorer 3.x or 4.0, you must install
Internet Explorer 4.01 in order to apply this update. You can install
Internet Explorer 4.01 with Service Pack 1 from the following Microsoft
Web site:
Microsoft Internet Explorer 4.01 and 4.01 with Service Pack 1 for Windows
95:
Updated File Name Size (bytes) Date Version
------------------------------------------------------------
Mshtml.dll 2,413,840 9-02-98 4.72.3509.100
Microsoft Internet Explorer 4.01 and 4.01 with Service Pack 1 for Windows
NT 4.0 x86:
Updated File Name Size (bytes) Date Version
------------------------------------------------------------
Mshtml.dll 2,413,328 9-02-98 4.72.3509.100
Microsoft Internet Explorer 4.01 and 4.01 with Service Pack 1 for Windows
NT 4.0 Alpha:
Updated File Name Size (bytes) Date Version
------------------------------------------------------------
Mshtml.dll 3,937,552 9-02-98 4.72.3509.200
Windows 98:
Update File Name: ie4jsn.exe
Availability: Microsoft Windows Update
Updated File Name Size (bytes) Date Version
------------------------------------------------------------
Mshtml.dll 2,413,840 9-02-98 4.72.3509.100
Microsoft Internet Explorer 4.01 for Windows 3.1 and Windows NT 3.51:
Updated File Name Size (bytes) Date Version
------------------------------------------------------------
Mshtml16.dll 3,084,160 9-02-98 4.01.2509.200
Urlmon16.dll 351,280 9-02-98 4.01.2509.201
Modification Type: | Major | Last Reviewed: | 12/30/2005 |
---|
Keywords: | kbenv kbinfo kbweb KB168485 |
---|
|