MS05-020: Cumulative security update for Internet Explorer (890923)


The information in this article applies to:

  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Datacenter Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Internet Explorer 6.0 SP1
  • Microsoft Internet Explorer 5.5 SP2
  • Microsoft Internet Explorer 5.01 SP4
  • Microsoft Internet Explorer 5.01 SP3
  • Microsoft Windows XP Professional SP2
  • Microsoft Windows XP Home Edition SP2
  • Microsoft Windows XP Professional 64-Bit Edition (Itanium)
  • Microsoft Windows XP Professional 64-Bit Edition (Itanium) 2003
  • Microsoft Windows XP Home Edition SP1
  • Microsoft Windows XP Professional SP1
  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows XP Tablet PC Edition 2005
  • Microsoft Windows XP Tablet PC Edition Service Pack 2 (SP2)
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Media Center Edition 2002
  • Microsoft Windows XP Media Center Edition 2004
  • Microsoft Windows XP Media Center Edition 2005
  • Microsoft Windows XP Media Center Edition Service Pack 2 (SP2)
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows Millennium Edition
  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition
Microsoft has released security bulletin MS05-020. This security bulletin contains all the relevant information about the security update. The bulletin includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites: Notes
  • Security update 890923 includes the cumulative security fixes that are documented in Microsoft security bulletin MS05-020. The update also includes hotfixes for Microsoft Internet Explorer that have been released after the release of the MS04-004 and MS04-025 security bulletins.
  • The installer verifies whether one or more of the files that are being updated on the computer have previously been updated by a Microsoft hotfix. However, the installer detects only hotfixes that were released after security bulletin MS04-038, update rollup 873377, or update rollup 889669. Therefore, if you have a computer that has update rollup 873377, update rollup 889669, or a hotfix that was released after update rollup 873377, the installer automatically installs the hotfixes together with security update 890923. However, if the computer does not have update rollup 873377, update rollup 889669, or a hotfix that was released after security bulletin MS04-038, and you want to install the hotfixes included in cumulative security update 890923, you must follow the instructions in Microsoft Knowledge Base article 897225. Otherwise, your hotfixes will be removed.

    897225 How to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1

List of software updates that are included in all the security update 890923 packages

332184 HTTP headers are displayed on the server upload Web page

886184 FIX: You receive an "Access is denied" error message when you open a Web page that runs a script in a frameset in Internet Explorer 6

889407 You receive an "Access is denied" error message when you open a Web page that runs a script in a frameset in Internet Explorer 6

892049 FIX: Internet Explorer 6.0 S892049 does not display the shortcut menu for an ActiveX control in Windows XP Service Pack 2

890207 FIX: The submit action does not execute in an Adobe Acrobat 6.0 PDF file that is hosted in an Internet Explorer 6.0 Service Pack 1 frame window

892052 FIX: Internet Explorer may unexpectedly quit with an error message in module Mshtml.dll when you try to locate a Web page in Windows XP Service Pack 2

884838 You receive a "Microsoft Internet Explorer has encountered a problem and needs to close." error message when two pop-up windows appear at the same time in Internet Explorer 6 Service Pack 1

890215 Applications that use the WinINet API may not respond to a server as expected when you use Internet Explorer 6

894926 After you install security update 867282 that is included with Security Bulletin MS05-014, Internet Explorer crashes when you copy images from Web sites that use the <input type=image> tag

890327 You receive an error message when you try to upload an HTML document to http://validator.w3.org

Known issues
  • In Microsoft Windows XP Service Pack 2 and Microsoft Windows Server 2003 Service Pack 1, the Add or Remove Programs item in Control Panel lists software updates. Add or Remove Programs lists software updates under the name of the product that they update. In Windows XP Service Pack 2, Add or Remove Programs will list this update under Windows XP - Software Updates. In Windows XP Service Pack 2, Add or Remove Programs will not show Installed On for this software update. Therefore, this software update does not show up in the order of installation. Instead, this software update shows at the top of the Windows XP - Software Updates list.
  • Microsoft Baseline Security Analyzer (MBSA) is the scanning tool that is used by Microsoft Systems Management Server (SMS). MBSA can detect computers that require the security updates that are documented in Microsoft security bulletin MS05-020. However, MBSA cannot provide SMS with the information that is required to download and to deploy the appropriate MS05-020 security update packages for computers that are running the following software:
    • Internet Explorer 6 Service Pack 1 for Microsoft Windows NT 4.0
    • Internet Explorer 6 Service Pack 1 for Microsoft Windows 2000
    • Microsoft Windows XP
    To resolve this problem, you can download an SMS deployment package from the Microsoft Download Center.

    For more information about how to obtain and use the SMS deployment package, click the following article number to view the article in the Microsoft Knowledge Base:

    896162 Systems Management Server deployment packages are available that include security update MS05-020 for Internet Explorer 6 Service Pack 1

  • In some Windows Media High Definition Video (WMV HD) DVDs, a chapter does not play when you click it in Microsoft Windows Media Player after you install this security update.

    For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

    884487 A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player

Modification Type:MinorLast Reviewed:6/5/2006
Keywords:kbHotfixServer kbQFE KBTOCOff kbWinXPpreSP2fix kbWinServ2003preSP1fix kbWin2000preSP5fix kbWinNT400PreSP7Fix kbExpertiseBeginner kbExpertiseAdvanced kbExpertiseInter kbSecurity KbSECBulletin KbSECVulnerability kbBug kbfix KB890923 kbAudEndUser kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.