IE June Security Update Now Available
The IE Cumulative Security Update for June 2009 is now available via Windows Update or Microsoft Update.
This update addresses seven privately reported vulnerabilities and one publicly disclosed vulnerability. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles scripts, cached content, and initializes memory. For detailed information on the contents of this update, please see the following documentation:
This security update is rated Critical for Internet Explorer 5.01 on Windows 2000, Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP and Windows Vista. The security update is rated Important for Internet Explorer 6 Service Pack 1 on support editions of Windows 2000. The security update is rated Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows Server 2003 and Windows Server 2008. For Internet Explorer Beta products, download locations are available in the Knowledge Base Article.
IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer.
I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to configure their systems for automatic updates to keep their systems current with the latest updates from Microsoft.
Terry McCoy
Program Manager
Internet Explorer Security
Update 6/9 - typo correction in the second paragraph.
Comments
Anonymous
June 09, 2009
PingBack from http://www.tscmpro.com/?p=5494Anonymous
June 09, 2009
The latest IE cumulative update shipped today ; download it from WindowsUpdate when you get a chance.Anonymous
June 09, 2009
I have already downloaded this new IE update through Automatic Updates and it's been helpful. I don't see any plausible reason why some people turn off Automatic Updates and yet expect Windows to protect their computers. Thanks for providing great security.Anonymous
June 10, 2009
Just updated Windows 7. Now 7 fails to load.Anonymous
June 10, 2009
Visual C++ team has discovered that after installing the current release of Internet Explorer (InternetAnonymous
June 10, 2009
@Mike: Can you be more specific about what you mean when you say "Now 7 fails to load."?Anonymous
June 10, 2009
@Quality Directory - Re: "I don't see any plausible reason why some people turn off Automatic Updates" Depends on your position. If it is critical that your system works, you want to be sure the patches are good before you apply them. I worked for a College that had a huge deployment of Dell PCs. We came in one day, and automatic updates were turned on, to auto install. On this day though, there was a video driver update that completely hosed all PCs that got the update. They would boot 80%, then BSOD, and reboot (rinse, lather, repeat) When we discovered what was happening we turned off AU on the remaining "alive" PCs... I.T. went into overtime trying to restore the other PC's rolling back the update. In all, 75%+ of the entire network of PCs was "dead" for 8 hours. Needless to say, I.T. wisely changed the policy to download updates, but only let them apply once I.T. had run some sanity checks. Therefore I (like most) set my PCs to auto-download the updates, BUT I will always delay a day or two before applying. Once I'm sure there is no uproar from updates breaking things, then AND ONLY then will I update my boxes.Anonymous
June 10, 2009
After installing the latest batch of Windows updates I cannot open a second tab. Clicking on a second tab shuts down IE totally. You can open multiple browser windows but open a second tab and IE goes away. Anybody experience this?Anonymous
June 10, 2009
Can this and other MS updates have easy to find file download locations for those of us that cannot use windows update?Anonymous
June 10, 2009
Several people have reported improved performance/stability in IE8 on installing this. Does this patch contain changes not releated to security but to perforamnce or stbility ? Or does it for instance reregister IE8 related dll's ?Anonymous
June 10, 2009
@hAl: This update should resolve the performance/stability issue encountered by users with huge numbers of sites in the Restricted Zone.Anonymous
June 10, 2009
@John Orf: Do you repro this in no-addons mode? www.enhanceie.com/ie/troubleshoot.asp#crashAnonymous
June 10, 2009
Maybe it's just me, but today I can't get IE8 to keep from crashing. I installed all the updates yesterday. Even just sitting idle on the microsoft.com home page, boom! it's gone. I have tried resetting IE to all defaults (using Internet Options > Advanced > Reset). I have tried rebooting. I have tried running with -extoff I can't browse for more than two or three seconds without it shutting down. I've submitted a few dozen crash reports, and will continue to do so... This is extremely frustrating. Posting using Firefox, which has been stable so far.Anonymous
June 10, 2009
@EricLaw - aha, so this is to fix IE8 so that it is usable with Spybot Search & Destroy installed? Awesome, that means that I can actually use IE again. I had to shelve it since a week after the release due to this bug. Hopefully this means that IE won't be Connecting.......... for ever and ever.Anonymous
June 10, 2009
Doh! so much for that idea! It isn't much faster at all (if at all). Every page and new tab still says Connecting....... I give up - back to Firefox for good this time.Anonymous
June 10, 2009
Kurzbeschreibung: Finalversion des Windows Internet Explorer 8 (kurz: IE8) für Windows XP. Der IE8 ist die Internet Explorer-Version von Microsoft, welche bislang Web-Standards in der Voreinstellung am besten unterstützt. Dessen Installation ist somitAnonymous
June 10, 2009
The comment has been removedAnonymous
June 10, 2009
Why don't you guys quit making browsers and simply use Firefox as the default one? You're too far behind and don't appear to get anything right...Anonymous
June 11, 2009
@mustafa - I think for obvious reasons MS wants control over the browser they ship by default with the OS. Dropping Trident and forking webkit/khtml like Apple and Google did seems like a proven strategy though; I'm not sure why they don't do that. Still security issues come up in all software; that's why there's a Firefox 3.0.10 and a 3.0.11 in the works.Anonymous
June 11, 2009
Well, I've just spent the better part on 6 hours fixing bugs as displayed in IE7. If someone brought criminal charges against Microsoft for crimes against humanity I think they'd win.Anonymous
June 11, 2009
@A Rather Irritated Freelancer - you'll want to check out Web bug track then - its full of those pesky IE bugs (and fixes!) so you won't need to pull your hair out. ;-) http://webbugtrack.blogspot.com/ Well you'll still be frustrated but at least you'll have a solution!Anonymous
June 11, 2009
your system and browser is dead already and not so popular as in 90th yearsAnonymous
June 12, 2009
@MSFT - It has been reported that when Windows 7 is released in Europe that it will not be shipped with IE8 installed by default (due to the whole MS Monopoly Trial thing etc.) On a personal note although I don't live in Europe I fully welcome this resolution as it enforces some sense of a fair marketplace (but that's not where I'm going with this question). So if this is the outcome I'm curious as to what exactly this means? Will there still be MSHTML and Trident code within the OS... and just the IE Browser Application is removed? More importantly (there is a great catch 22 here), what options does the end user have when wanting to use the internet? Do they get an icon that is say a "Globe" labeled "Internet" that when clicked presents a dialog with a selection of browsers to install as the default Browser? e.g. Title: Default Web Browser Selection Message: Windows needs to install a Web Browser to connect to the Internet. Please select your preferred Web Browser from the list below and click Install. {alphabetical or random list of browsers (none pre-checked...} +----------------------------------+ ( ) Apple Safari (Logo) +----------------------------------+ ( ) Google Chrome (Logo) +----------------------------------+ ( ) Maxthon International Maxthon (Logo) +----------------------------------+ ( ) Microsoft Internet Explorer (Logo) +----------------------------------+ ( ) Mozilla Firefox (Logo) +----------------------------------+ ( ) Opera Software ASA Opera (Logo) +----------------------------------+ [Install] [Cancel] If the above sort of flow is not included to choose which browser to install... how exactly does it work? When I install Windows now, the first thing I do is fire up IE so I can download Firefox but that obviously won't work if IE is not installed. Thanks, marlovAnonymous
June 12, 2009
From CNET: Microsoft Memo to OEMs: "To ensure that Microsoft is in compliance with European law, Microsoft will be releasing a separate version of Windows 7 for distribution in Europe that will not include Windows Internet Explorer," the software maker said in the memo. "Microsoft will offer IE8 separately and free of charge and will make it easy and convenient for PC manufacturers to preinstall IE 8 on Windows 7 machines in Europe if they so choose. PC manufacturers may choose to install an alternative browser instead of IE 8, and has always been the case, they may install multiple browsers if they wish." Microsoft confirmed the authenticity of the document but declined to comment further.Anonymous
June 12, 2009
When do you plan to implement HTML5 in IE?Anonymous
June 13, 2009
Are there any yet known issues regarding KB989897 for IE8 on Windows XP (SP3)? I've received some reports in the meantime, that after KB989897 for IE8 has been installed, "Halo" doesn't start any longer and throws error "Cannot allocate required memory. Some other application has loaded where Halo needs to be located" instead. http://support.microsoft.com/kb/830704/en-us doesn't help in these cases, while uninstalling KB969897 is claimed to cure that issue (but have a potentially vulnerable IE8/Windows systems instead). It's also claimed, that the "Halo" issue does not happen with KB969897 for IE7. Since I'm not having "Halo" installed (nor any other game <duck>), I'm not able to open a case with PSS (I've advised the problem reporters to do so meanwhile). Any hints? TIAAnonymous
June 13, 2009
Win xp hangs on startup after the June 10th 2009 windows automatic update. Solution: install all the updates, even the IE update.Anonymous
June 15, 2009
The comment has been removedAnonymous
June 16, 2009
Ooops, sorry, I ment KB969897 for IE8 on Windows XP (SP3) of course here: http://blogs.msdn.com/ie/archive/2009/06/09/ie-june-09-security-update-now-available.aspx#9746324 Any indications on what exactly may be causing the issue, which has been confirmed to be existing by more users right now? TIA, FreudiAnonymous
June 17, 2009
Over here the same problem as Ottmar since I installed the June security patches. Halo does not start anymore and gives "Cannot allocate required memory. Some other application has loaded where Halo needs to be located".Anonymous
June 17, 2009
I got that security update KB969897 for IE8 on Windows XP (SP3) but it took a long time.Anonymous
June 17, 2009
Great, waited for this a long time.Anonymous
June 18, 2009
Same problem in Spain http://meneame.net/story/otro-caso-abuso-microsoft-actualizaciones-windows-xpAnonymous
June 18, 2009
What can I do!!? I want to play itAnonymous
June 18, 2009
I wonder if this security update, or another recent one, has something to do with a strange phenomenon we've seen on 3 machines running Vista. (We currently have 10 or so machines running Vista, out of a total of 60+ workstations.) On these machines, within the last 10 days, some process has relocated IExplore.exe (just that file!) from its normal location (C:WindowsInternet Explorer) to a generated path that incorporates IE's version number. For example, one of the machines that was running IE 8 now has IExplore.exe in the following location: "C:Windowswinsxsx86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126iexplore.exe" When this occurs the installed shortcuts in the user's profile (under All Programs and in the Quick Launch region of the taskbar) are automatically updated to point to the new location. However, some other aspects of IE's shell integration are not updated. For example, the file type registration associating IExplore.exe with the HTML file type (.htm, .html) is left untouched, and is therefore broken. In addition, the App Paths setting* is left alone; this will cause problems for other apps that invoke IExplore.exe by name. (Obviously apps that use the full path will also have problems.) Finally, an attempt to reset IE as the default browser on the system evidently fails, although there is no error indication when this occurs. One prominent manifestation of this failure is the failure of hyperlinks in Outlook messages which formerly worked with IE set as the default browser. (Setting Firefox or another browser as the default resolves this particular problem.) So far, I have been unable to find discussions of a similar problem in Google searches. Does an article recently posted in MSKB explain what is going on?
The App Paths setting in the registry allows an application to be run by name (eg, START iexplore) via the Windows console's START command or via the Windows Run dialog. (See the Windows shell integration documentation.) The relevant registry key is the following: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsIEXPLORE.EXE
Anonymous
June 18, 2009
Correction of a brain fart in the previous comment: ////////////////// On these machines, within the last 10 days, some process has relocated IExplore.exe (just that file!) from its normal location (C:Program FilesInternet Explorer) to a generated path that incorporates IE's version number. For example, one of the machines that was running IE 8 now has IExplore.exe in the following location: "C:Windowswinsxsx86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126iexplore.exe" //////////////////Anonymous
June 18, 2009
One more followup to the previous two comments: We've seen the relocation of Iexplore.exe occur on two machines that were running IE 7 at the time. (On the third machine IE 8 was already installed.) On one of these machines, an attempt to resolve the manifestations was made by installing IE 8. The installation apparently went through, but some unidentified process immediately moved IExplore again, to the path given in my earlier comment (4:22 PM).Anonymous
June 18, 2009
This update has failed to installed on my XP SP3 HP notebook 4 times. I even disabled my AV to see if that would help. Although I've seen other blogs about this install failure none of the suggestions found so far have helped. I have also noticed that printing to my network printer no longer works.Anonymous
June 18, 2009
@Nick Lewis And the IE version you're having running is? You may want to look for an error code to be found on the Windows Update site and the Update History there. Move the mouse pointer onto or click the "white cross on red background" symbol right beside the failing update.Anonymous
June 19, 2009
The comment has been removedAnonymous
June 21, 2009
anyone know a working solution for the halo problem with the june updates? ps: halo error is: it can't allocate memory.