Spyware Sucks

Well, for heavens sake, it seems I sure did choose the WRONG month for a family holiday... check out these new KB articles... I swear, they're watching, waiting for me to take a few days off, then they release all this stuff.... (ok, guys, you know I'm kidding, but man o man, I wish y'all had better timing ....)

HOTFIX:  When you use IE7 to visit a Web site that includes certain VBScript functions, IE7 may crash

Consider the following scenario:• You use Windows Internet Explorer 7 to visit a Web site. The Web site includes one of the following Microsoft Visual Basic Scripting Edition (VBScript) functions:

• MsgBox
• InputBox
• The Phishing Filter feature is enabled in Internet Explorer.

In this scenario, Internet Explorer 7 may crash.

http://support.microsoft.com/default.aspx/kb/940284

-----

Microsoft Security Advisory: Vulnerability in Windows XP and Windows Server 2003 URL handling could allow remote code execution

Microsoft is investigating public reports of a remote code execution vulnerability in supported editions of Windows XP and Windows Server 2003 that have Windows Internet Explorer 7 installed. Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx/kb/943521

-----

HOTFIX:  The translucent layers intermittently turn gray when you browse a Web page that contains translucent layers by using IE7

This problem occurs because of a race condition in Internet Explorer. This race condition occurs when two threads concurrently call the SelectObject function on the Windows GDI HBITMAP handle.

http://support.microsoft.com/default.aspx/kb/942174

-----

Description of IE7 Installation and Availability Update

This article discusses the availability of the Windows Internet Explorer 7 Installation and Availability Update. This article also describes changes in the installation experience and improvements in the Internet Explorer 7 user interface. Additionally, download information is included.

http://support.microsoft.com/default.aspx/kb/940767

-----

You receive a WM_ACTIVATE message after you receive a WM_KILLFOCUS message in IE7

This behavior occurs because of a design change in Internet Explorer 7. When a modal dialog box is opened from the ActiveX control in Internet Explorer 7, the User32.dll process sends the WM_ACTIVATE message to the top window. Then, the User32.dll process sends the WM_KILLFOCUS message to the focus window.

In Internet Explorer 6, the WM_ACTIVATE message is converted directly to call the IOleInPlaceActiveObject::OnFrameWindowActivate method. This behavior occurs because the top window is located on the same thread as the ActiveX control. However, in Internet Explorer 7, the top window is located on a different thread because each tab runs on its own thread. To safely notify the tab thread of the activation change, the top window must run a PostMessage function. Therefore, the WM_ACTIVATE message arrives later than the WM_KILLFOCUS message.

http://support.microsoft.com/default.aspx/kb/939851

-----

HOTFIX:  When you open a Web page by typing a File URI in the Windows IE& Address Bar on a Windows Vista based computer, the query string disappears from the Address Bar after the Web page opens

In Windows Vista, when you type a File URI in the Address bar of a low-rights instance of Internet Explorer 7, Internet Explorer 7 starts a normal-rights instance of Internet Explorer 7 to handle the File URI. To do this, Internet Explorer passes the File URI to the normal-rights instance by using a command line. On the command line, the fragments and queries of the File URI are removed. Therefore, this problem occurs. These fragments and queries of the File URI are also removed if you run a command to open the Web page in Windows XP or in Windows Server 2003.

http://support.microsoft.com/default.aspx/kb/942172

-----

Error message after you install a Windows IE7 update from Windows Upate or from Microsoft Update: "Webpage cannot be displayed"

This problem may occur because the file signatures for the core Windows Internet Explorer 7 files may be changed when the update is installed. If a third-party security program is installed on the computer, that program may then block the updated version of Windows Internet Explorer 7 from accessing the Internet.

http://support.microsoft.com/default.aspx/kb/942818

-----

You can use .msi files to deploy IE7 in Active Directory environments

Currently, large corporations use enterprise-wide deployment mechanisms such as Software Update Services (SMS) or Windows Server Update Services (WSUS) to deploy applications. These applications may include Windows Internet Explorer.

However, smaller organizations that do not use these deployment mechanisms use Active Directory distribution mechanisms to assign and to publish specific sets of applications to specific sets of individuals. To deploy applications in Active Directory environments, the application installer must be a Windows Installer package.

Earlier Internet Explorer 7 packages were not .msi files. Therefore, you cannot deploy the earlier packages in Active Directory environments. For the re-release of Internet Explorer Administration Kit 7 (IEAK 7), we have created a Windows Installer wrapper for IEAK 7 output packages. In this manner, organizations can deploy these packages in Active Directory environments. Then, corporations do not have to use enterprise-wide deployment mechanisms such as SMS or WSUS. Therefore, in Active Directory environments, the corporations can control the deployment of Internet Explorer on corporate-wide computers without requiring physical access to client computers.

http://support.microsoft.com/default.aspx/kb/942812

-----

The AutoComplete feature does not work in IE7

Registry fix:  This problem occurs when the value of the FormSuggest registry entry that is located under the following registry subkey is set to 0:  HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel

http://support.microsoft.com/default.aspx/kb/942090

-----

HOTFIX: The content color does not appear as expected when you view a Web page that uses a customized ICM profile for theICMFilter filter in IE7

This problem occurs because of an error in the Dxtmsft.dll file. Because of this error, Internet Explorer 7 cannot find the ICM profile.

http://support.microsoft.com/default.aspx/kb/942171

-----

HOTFIX: Error message when you try to move or resize a window on a computer that as IE7 installed: "An error has occurred in the script on this page"

This issue occurs because of a design change. This design change helps enhance security on the computer by blocking any move or resize functions.

Windows uses a script to block these functions when the mouse button is down. If the mouse button is down, Windows considers the operation to be a drag operation. Windows blocks any move or resize functions. This behavior helps prevent an attacker from transferring malicious files to the computer.

http://support.microsoft.com/default.aspx/kb/942173