Update for "Javascript Redirect" Vulnerability in Internet Explorer 4.01

ID: Q244356

The information in this article applies to:
  • Microsoft Internet Explorer version 4.01 Service Pack 2 for Windows 98
  • Microsoft Internet Explorer version 4.01 Service Pack 2 for Windows NT 4.0
  • Microsoft Internet Explorer version 4.01 Service Pack 2 for Windows 95

SYMPTOMS

Microsoft has made an update available that addresses a potential security issue in which an HTTP redirect to a javascript:url can be used to compromise security. This issue could allow a malicious Web site operator to read files on the local computer, although the intruder would have to know the name and location of the file. The vulnerability does not allow the malicious user to list the contents of folders, create, modify or delete files.

Additional information about this issue is available from the following Microsoft Web sites:

Updates are available for the following products:
  • Microsoft Internet Explorer 4.01 SP2 for Windows 95
  • Microsoft Internet Explorer 4.01 SP2 for Windows NT 4.0 (Alpha and x86)
  • Microsoft Windows 98


RESOLUTION

To obtain this update, download and install the appropriate Q244356.exe file for your computer from the following Microsoft site:

The English-language version of this fix should have the following file attributes or later:

Internet Explorer 4.01 Service Pack 2
   File name           Size                Date       Version
   ----------------------------------------------------------------
   Urlm95.dll          449,808 (x86)       10-25-99   4.72.3710.2500
   Urlmnt.dll          490,256 (x86)       10-25-99   4.72.3710.2500
   Urlmon.dll          830,736 (alpha)     10-25-99   4.72.3710.2500
Note that the Urlm95.dll and Urlmnt.dll files are renamed to Urlmon.dll when they are installed to their respective Windows 95 or Windows NT platform.


MORE INFORMATION

After you install this update "Q244356" is added to the Update Versions line when you click About Internet Explorer on the Help menu in Internet Explorer.
For additional information about the update for Internet Explorer 5, click the article number below to view the article in the Microsoft Knowledge Base:

Q244357 Update for "Javascript Redirect" Vulnerability in Internet Explorer 5

Additional query words:

Keywords : kbtool ntsecurity msiew95 msient msiew98
Version : WINDOWS:4.01 Service Pack 2
Platform : WINDOWS
Issue type : kbprb


Last Reviewed: December 8, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.