• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer Web Folder Behaviors Cross-Domain Scripting Vulnerability

Solution:
Microsoft has released fixes to address supported versions of the software. Fixes for Internet Explorer on Windows 98/98SE/ME may be obtained through Windows Update.

Microsoft has updated the security bulletin for this issue to reflect the availability of updated fixes. This is due to an issue with Systems Management Server (SMS) and the original fixes. Users who updated using Automatic Update, Windows Update, Microsoft Update, and Windows Server Update Services (WSUS) do not need to re-apply the fixes.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows XP/2000 (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=68300B15-1CF9 -45FB-875E-2EF6D2FBC9ED&displaylang=en

Microsoft Internet Explorer 6.0 SP2 - do not use

• Microsoft Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=648B6F0E-1695 -44E5-826A-43406DF4858E&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 Itanium 64-bit (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=C24D3738-213A -41B8-84A3-2842B34D7B10&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64-bit Edition (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=F2D544E7-33F5 -4A65-A574-15495B05B883&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP Professional x64-bit Edition (KB8967
  http://www.microsoft.com/downloads/details.aspx?familyid=1181BC67-0A1D -4A06-99AC-5B2BC6DFE0F6&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer Microsoft Windows Server 2003 (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=0B96EC3-E954- 423A-9AB0-5712B9F14637&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB896727)
  http://www.microsoft.com/downloads/details.aspx?familyid=194E0EE7-919C -4A8B-AD8D-01A4FE771942&displaylang=en