• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer Persistent Modal Dialog Window Address Bar Spoofing Vulnerability

Solution:
Microsoft has released a cumulative security update to address this issue.

Reportedly, the fixes provided in MS06-013 may cause unintended breakage with certain ActiveX controls. Symantec has not confirmed this. Before deploying this patch in production environments, users should thoroughly test the patch to ensure that it doesn't interfere with other software.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Update for Internet Explorer 6 SP1 (KB916281)
  Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=0EB17A41-FB43 -413B-A5CC-41E1F3DEDE4F&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
  For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4 -4C3D-A37B-946EE5E781E7&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350 -4AAE-B681-EE2ECAB41118&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
  Microsoft Windows Server 2003 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF -485D-A1E3-60E55334FD74&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
  For Microsoft Windows XP Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0 -4F80-BD1C-210E23FD8D81&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
  Microsoft Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185 -4346-AA66-89F74D4B5EA7&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
  For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4 -4C3D-A37B-946EE5E781E7&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350 -4AAE-B681-EE2ECAB41118&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
  Microsoft Windows Server 2003 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF -485D-A1E3-60E55334FD74&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
  For Microsoft Windows XP Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0 -4F80-BD1C-210E23FD8D81&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
  Microsoft Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185 -4346-AA66-89F74D4B5EA7&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Update for Internet Explorer 5.01 Service Pack 4 (KB916281)
  Microsoft Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=91A997DE-BAE4 -4AC7-912D-79EF8ABAEF4F&displaylang=en