This update resolves several security vulnerabilities in Internet Explorer and is discussed in Microsoft Security Bulletin MS01-027. Download now to help eliminate multiple certificate validation vulnerabilities and to help prevent malicious Web site operators from making it appear that the content from their Web sites actually originated from another site, even a trusted or secure Web site. In addition, this update includes a previously released update that is discussed in Microsoft Security Bulletin MS01-020, which eliminates a vulnerability that allows a malicious user to run an executable e-mail attachment on your computer.
This update addresses these vulnerabilities:
• A vulnerability that prevents Internet Explorer from correctly validating the digital certificates used in Secure Sockets Layer (SSL) sessions. Under a certain set of conditions, this vulnerability enables a malicious Web site operator to make his or her Web site appear to be a trusted site when it is not.
• A vulnerability that could enable an attacker to make his or her Web site appear to be a different site. By posing as a site that you trust, the attacker's site might be able to persuade you to provide information that you would only provide to a trusted site.
• Two new variants of the "Frame Domain Verification" vulnerability, which is discussed in Microsoft Security Bulletin MS00-033. These vulnerabilities could allow a malicious Web site operator to read, but not change or add, files on the computer of a visiting user.
This update also addresses the "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment" security vulnerability in Internet Explorer, which is discussed in Microsoft Security Bulletin MS01-020. This update eliminates the vulnerability by correcting the way Internet Explorer handles MIME (Multipurpose Internet Mail Extensions) headers in HTML (Hypertext Markup Language) e-mails, preventing e-mails from automatically launching executable attachments.
For more information about these vulnerabilities, read Microsoft Security Bulletin MS01-027.