• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass Vulnerability

Solution:

Microsoft has released a cumulative security update to address this issue.

Reportedly, the fixes provided in MS06-013 may cause unintended breakage with certain ActiveX controls. Symantec has not confirmed this. Before deploying this patch in production environments, Users should thoroughly test the patch to ensure that it doesn't interfere with other software.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Update for Internet Explorer 6 SP1 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=033C41E1-2B36 -4696-987A-099FC57E0129&displaylang=en

Microsoft Internet Explorer 6.0 SP2 - do not use

• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=F05FFB31-E6B4 -4771-81F1-4ACCEBF72133&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Update for Internet Explorer 6 SP1 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=033C41E1-2B36 -4696-987A-099FC57E0129&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=EE566871-D217 -41D3-BECC-B27FAFA00054&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB912812) -
  http://www.microsoft.com/downloads/details.aspx?familyid=E584957C-0ABE -4129-ABAF-AA2852AD62A3&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB912812) - English
  http://www.microsoft.com/downloads/details.aspx?familyid=5A1C8BE3-39EE -4937-9BD1-280FC35125C6&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=F05FFB31-E6B4 -4771-81F1-4ACCEBF72133&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=C278FE3E-620A -4BBC-868B-CA2D9EFF7AC3&displaylang=en

Microsoft Internet Explorer 5.0.1 for Windows 2000

• Microsoft Cumulative Update for Internet Explorer 5.01 Service Pack 4 (KB912812)
  http://www.microsoft.com/downloads/details.aspx?familyid=594E7B87-AF8F -4346-9164-596E3E5C22B1&displaylang=en