RSS
Subscribe to magazine
Follow us on:

Downloads

  • Recommend:

Second Cumulative Patch for Internet Explorer 5.5 and 6

  • Downloads Count: 116,450
  • License Type: Free
  • Price: Free
  • Date Added: Dec 23, 2002
  • Operating Systems: Microsoft Windows NT 4.0, Microsoft Windows 2000, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows XP
  • Author: Microsoft

Before you download:

Click here to scan Windows for issues affecting performance »

Sponsored Link

Description of Second Cumulative Patch for Internet Explorer 5.5 and 6

Internet Explorer 5.5 and 6, like most new software offerings, come with a whole new set of problems. But how do you keep up with all the most current patches? This update closes all known security holes affecting these browsers (as of December 13) and addresses three new security issues: One security flaw allows an attacker to alter HTML header information to make IE believe that an executable file is actually a different type of file--one that it is appropriate to simply open without asking the user for confirmation. This could enable the attacker to create a Web page or HTML e-mail that, when opened, would automatically run an executable on the user's system. This vulnerability affects IE 6.0 only, not 5.5.

The second issue is a newly discovered variant of the Frame Domain Verification vulnerability. This could enable a malicious Web site operator to open two browser windows, one in the web site's domain and the other on the user's local file system, and to pass information from the latter to the former. This could enable the site operator to read, but not change, any file on the user's local computer that could be opened in a browser window. This affects both IE 5.5 and 6.0.

The third flaw is related to the display of file names in the File Download dialog box. When a download is initiated, a dialog provides the name of the file. However, in some cases it is possible for an attacker to misrepresent the name of the file in the dialog. This could be invoked from a Web page or in an HTML e-mail in an attempt to fool users into accepting unsafe file types from a trusted source. This vulnerability affects both IE 5.5 and 6.0.

Sponsored

 
You are browsing Internet: Patches & Drivers

  • Product Name
    Date Added
    License
  • Internet Explorer 5.5 Service Pack 2 and Internet Tools
      724,369
    Aug 24, 2005
    Free

    Get bug fixes and recently added features for IE.

     
  • Windows Update for Internet Explorer
      7,017
    Oct 10, 2000
    Free

    Close up a security breach in IE 5 with this patch.

     
  • Winsock 2 Update
      26,554
    Mar 8, 1998
    Free

    Update to the Winsock Sockets 2 DLL for Windows 95.

     
  • Second Cumulative Patch for Internet Explorer 5.5 and 6
      116,450
    Dec 23, 2002
    Free

    Fix all of the known security bugs in Internet Explorer 5.5 and 6.

     
  • Microsoft Office XP Update SP-1
      23,029
    Jan 29, 2002
    Free

    Correct many of the issues surrounding Office XP with this collection of patches.

     
  • Small Business Tools, Office XP Update
      5,368
    Oct 30, 2002
    Free

    Correct a bug that keeps upgraders to Office XP from using Small Business Tools 2000 components.

     
  • IPaq H3600 Series Pocket PC PCMCIA Update
      11,517
    Apr 16, 2001
    Free

    Make your IPaq Pocket PC recognize certain modem cards; iron out system bugs as well.

     
  • ThingMaker
      7,071
    Nov 11, 1998
    Trial

    Spice up your presentations for the Web with animation and interactivity.

     
  • AdWiper
      8,521
    Apr 24, 2000
    Shareware

    Remove banner ads on the Web pages you visit.

     
  • Cosmo Player
      40,170
    Oct 30, 2002
    Free

    Explore virtual reality (VRML 2.0) sites on the Web with this plug-in.

     

Lenovo Laptop Deals

Subscribe to the Daily Downloads Newsletter - every weekday

See All Newsletters »