Update Available for the "Malformed Favorites Icon" Issue

ID: Q231450

The information in this article applies to:

Microsoft Internet Explorer version 5 for Windows 98
Microsoft Internet Explorer version 5 for Windows 95
Microsoft Windows 98 Second Edition

SUMMARY

Microsoft has released an update to Internet Explorer 5.0 that addresses a potential security issue with icons from a Web site that are added to your list of favorites. Internet Explorer 5 includes a feature that permits a Web site administrator to customize the icon used when you add a Web site to your list of favorites. The icon from the Web site could be modified by a malicious Web site administrator in such a way that it would run executable programs on your client computer. Additional information about this issue is available from the following Microsoft Web sites:

http://www.microsoft.com/security/bulletins/current/ms99-018.asp

http://www.microsoft.com/windows/ie/security/favorites.asp

Updates are available for the following products:

Microsoft Internet Explorer 5 for Windows 95

Microsoft Internet Explorer 5 for Windows 98

NOTE: Microsoft Internet Explorer 4.x and earlier versions are not affected by this issue, and this includes any version of Internet Explorer on the following platforms:

Microsoft Windows NT

Microsoft Windows 3.x

MacIntosh

Unix on Sun Solaris

MORE INFORMATION

Updated File Name: Shdocvw.dll
Availability: http://windowsupdate.microsoft.com/default.htm

Updated File Name Size (bytes) Date Version

Shdocvw.dll 94,6448 5/21/99 5.0.2717.2000

This update also resolves the "Legacy Activex Control" security issue documented in the following article in the Microsoft Knowledge Base:

Updated File Name	Size (bytes)	Date	Version
Shdocvw.dll	94,6448	5/21/99	5.0.2717.2000

Q231452 Update Available for "Legacy ActiveX Control" Issue

Additional query words:


Keywords          : kbenv msiew95 msiew98 win98se 
Version           : WINDOWS:5
Platform          : WINDOWS 
Issue type        : kbprb

Last Reviewed: June 28, 1999