Update Available For "DHTML Edit" Security Issue

ID: Q226326

The information in this article applies to:

Microsoft Internet Explorer versions 4.0, 4.01 Service Pack 2, 5 for Windows 98
Microsoft Internet Explorer versions 4.0, 4.01, 4.01 Service Pack 1, 4.01 Service Pack 2, 5 for Windows 95
Microsoft Internet Explorer versions 4.0, 4.01, 4.01 Service Pack 1, 4.01 Service Pack 2, 5 for Windows NT 4.0
Microsoft Windows 98

SUMMARY

Microsoft has released an update that addresses a potential security issue in the Dynamic Hypertext Markup Language (DHTML) Edit ActiveX control, which is available in Internet Explorer 5 and can be downloaded for Internet Explorer 4.x. Additional information about this issue is available from the following Microsoft Web sites:

http://www.microsoft.com/windows/ie/security/dhtml_edit.asp

http://www.microsoft.com/security/bulletins/ms99-011.asp

Updates are available for the following products:

Microsoft Internet Explorer 4.0, 4.01 for Windows 95 and Windows NT 4.0 (x86)

Microsoft Windows 98

Microsoft Internet Explorer 5 for Windows 95, Windows 98, and Windows NT 4.0 (x86 and Alpha)

This update eliminates a vulnerability in this control that could allow a malicious Web site operator to read information that has been loaded into the control, and it also could allow files with known names to be copied from the local hard disk.

MORE INFORMATION

Update Information by Product:

NOTE: If you are using Internet Explorer 4.0 or 4.01, you must install Internet Explorer 4.01 Service Pack 1 or 2 in order to apply this update. You can install Internet Explorer 4.01 Service Pack 2 from the following Microsoft Web site:

http://www.microsoft.com/ie/download

Microsoft Internet Explorer 4.01 with Service Pack 1 or 2 for Windows 95 or Windows NT 4.0 x86:

Update File Name: dhtmled4.exe
Availability: http://www.microsoft.com/windows/ie/security

Updated File Name	Size (bytes)	Date	Version
Dhtmled.ocx	136,208	4-05-99	6.1.0.8244
Triedit.dll	204,907	4-02-99	6.1.0.8243

Windows 98:

Update File Name: dhtmled4.exe
Availability: http://www.microsoft.com/windows/ie/security

Updated File Name	Size (bytes)	Date	Version
Dhtmled.ocx	136,208	4-05-99	6.1.0.8244
Triedit.dll	204,907	4-02-99	6.1.0.8243

Microsoft Internet Explorer 5 for Windows 95, Windows 98, or Windows NT 4.0 x86:

Update File Name: dhtmled5.exe
Availability: http://www.microsoft.com/windows/ie/security

Updated File Name	Size (bytes)	Date	Version
Dhtmled.ocx	140,664	4-05-99	6.1.0.8456

Microsoft Internet Explorer 5 for Windows NT 4.0 Alpha:

Update File Name: dhtmled5ax.exe
Availability: http://www.microsoft.com/windows/ie/security

Updated File Name	Size (bytes)	Date	Version
Dhtmled.ocx	246,920	4-05-99	6.1.0.8457

Additional query words: patch 4.00 5.0 5.00


Keywords          : msiew95 msient win98 ie4sp1 msiew98 
Version           : WINDOWS:4.0,4.01,4.01 Service Pack 1,4.01 Service Pack 2,5
Platform          : WINDOWS 
Issue type        : kbinfo

Last Reviewed: April 19, 1999