Update Available for "Legacy ActiveX Control" Issue

ID: Q231452


The information in this article applies to:


SUMMARY

A potential security vulnerability has been found in the Preloader ActiveX control. This control could be used by a malicious Web site administrator to obtain a list of files from your local hard disk. This control has been removed from the Microsoft Web site, and a patch has been issued that does not permit use of this control. Additional information about this issue is available from the following Microsoft Web sites:

http://www.microsoft.com/security/bulletins/ms99-018.asp
http://www.microsoft.com/windows/ie/security/favorites.asp
Updates are available for the following products:


MORE INFORMATION

The ActiveX preloader control previously found at http://activex.microsoft.com/controls/iexplorer/x86/iepreld.cab has been removed and its class ID has been removed from the registry. The control will not be updated or replaced. This update also resolves the "Malformed Favorites Icon" security issue documented in the following article in the Knowledge Base:

Q231450 Update Available for the "Malformed Favorites Icon" Issue

Additional query words: 1.0 1.00 2.0 2.00 3.00 4.00 5.0 5.00


Keywords          : kbenv msiew95 msient msiew98 
Version           : WINDOWS:3.0,3.01,3.02,4.0,4.01,4.01 Service Pack 1,4.01 Service Pack 2,5
Platform          : WINDOWS 
Issue type        : kbprb 

Last Reviewed: June 7, 1999