DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 916281 - Last Review: September 30, 2011 - Revision: 4.0

On This Page

Microsoft has released security bulletin MS06-021. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites: Notes
  • Controls that prompt before they are loaded
    Note This issue occurs on Web sites that do not use the recommended techniques. This issue is resolved by using the techniques that are described on the following Microsoft Web site:
    http://msdn.microsoft.com/en-us/ie/default.aspx (http://msdn.microsoft.com/en-us/ie/default.aspx)
    When certain controls are loaded on a Web page, the controls are not correctly masked by the functionality of this update. These controls include controls that are used in Macromedia Shockwave Director, in Apple QuickTime Player, and in Virtools Web Player. When Windows determines that a control is inactive, the system prompts the user before the control is loaded.
  • Siebel programs that use ActiveX controls
    Update 912945 affects all Siebel 7 High Interactive clients. After you apply this update, you must click several times to interact with the Siebel program, one time for each ActiveX control in the program. Siebel is working with Microsoft to identify a solution. A Siebel product update is expected to be released some time in the spring of 2006. For more information about Siebel product updates, visit the following Siebel Support Web site:
    http://www.oracle.com/siebel/index.html (http://www.oracle.com/siebel/index.html)
    Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
  • ActiveX controls that use Java Platform, Standard Edition 1.3 or Standard Edition 1.4
    After you click an ActiveX applet control in a program that runs the applet control by using Java Platform, Standard Edition (J2SE) 1.3 or J2SE 1.4, the focus does not go to the applet control. You must click the control again to establish focus. The focus behavior works correctly in J2SE 1.5. To obtain the latest version of J2SE, visit the following Sun Microsystems, Inc. Web site:
    http://java.sun.com/j2se (http://java.sun.com/j2se)
    For techniques that you can use to make sure that ActiveX controls function without user interaction, visit the following Microsoft Web site:
    http://msdn.microsoft.com/en-us/ie/default.aspx (http://msdn.microsoft.com/en-us/ie/default.aspx)
  • Cumulative security update 910620 includes the security fixes that are documented in security bulletin MS06-004
    The update rollup also includes hotfixes for Microsoft Internet Explorer that have been released after the release of security bulletin MS04-004 and after the release of security bulletin MS04-038.
  • If update rollup 873377, update rollup 889669, or an Internet Explorer hotfix that was released after security bulletin MS04-038 are not installed and if you want to install the hotfixes that are included in update rollup 896727, you must follow the instructions in Microsoft Knowledge Base article 897225. Otherwise, all Internet Explorer hotfixes that you have installed are removed.
    897225  (http://support.microsoft.com/kb/897225/ ) How to install hotfixes that are included in cumulative security updates for Internet Explorer 6 Service Pack 1
  • Performance issue is resolved
    In certain cases, when a page contains many ActiveX controls that require activation, rendering of the page may be significantly slower. This issue is resolved and has been addressed in the Internet Explorer cumulative update 916281.
  • Microsoft .NET controls issue is resolved
    Access violations had been reported in pages that include .NET WinForms controls. This issue is resolved and is addressed in Internet Explorer cumulative update 916281.
  • Security warning dialog for mixed content appears when you open PDF files by using HTTPS URLs
    This issue is resolved. In certain cases, after you apply update 912945, a security warning dialog appears when mixed content is displayed. This problem occurs when you try to open a PDF file by using HTTPS URLs. This issue is addressed in Internet Explorer cumulative update 916281.
  • Internet Explorer does not enable ActiveX controls that are dynamically inserted into an HTML page by a binary behavior
    This issue is resolved. After you apply security update 912812 (MS06-013), Internet Explorer does not enable ActiveX controls that are dynamically inserted into an HTML page by a binary behavior. This issue is addressed in Internet Explorer cumulative update 916281. For more information about this problem, click the following article number to view the article in the Microsoft Knowledge Base:
    917783  (http://support.microsoft.com/kb/917783/ ) FIX: Internet Explorer does not enable ActiveX controls that are dynamically inserted into an HTML page by a binary behavior after you install security update MS06-013

Updates that are included in all the security update 910620 packages

  • 896156  (http://support.microsoft.com/kb/896156/ ) FIX: Internet Explorer 6 may stop responding, and you may receive an error message when you dynamically remove an HTML element from a Web page
  • 917772  (http://support.microsoft.com/kb/917772/ ) Internet Explorer 6 exits unexpectedly when you run a program that uses a Web browser control to iterate through the IHTMLStyleSheetsCollection interface
  • 905498  (http://support.microsoft.com/kb/905498/ ) FIX: The onbeforeunload event unexpectedly occurs when you view a Web page in Internet Explorer 6 on a computer where Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 is installed
Known issues
  • After you install this security update, Web applications that are reliant on scripts in their pages may crash because of a vulnerability in JScript. This issue has been resolved. The fix is included in the most recent JScript update. For more information about this update, click the following article number to view the article in the Microsoft Knowledge Base:
    917344  (http://support.microsoft.com/kb/917344/ ) MS06-023: Vulnerability in Microsoft JScript could allow remote code execution
  • In Microsoft Windows XP with Service Pack 2 and in Microsoft Windows Server 2003 with Service Pack 1, the Add or Remove Programs item in Control Panel lists software updates. Add or Remove Programs lists software updates under the name of the product to which the updates apply. In Windows XP with Service Pack 2, Add or Remove Programs lists this update under Windows XP - Software Updates. In Windows XP with Service Pack 2, Add or Remove Programs does not show "Installed On" information for this update. Therefore, this update does not appear in the order of installation. Instead, this update appears at the top of the Windows XP – Software Updates list.
  • After you install this security update, chapters in some Windows Media High Definition Video (WMV HD) DVDs do not play when you click the chapters in Microsoft Windows Media Player. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
    884487   (http://support.microsoft.com/kb/884487/ ) A chapter does not play when you click it in some WMV HD DVD disks in Windows Media Player
  • ActiveX controls may not load as expected in Internet Explorer. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
    909889  (http://support.microsoft.com/kb/909889/ ) ActiveX controls may not load as expected in Internet Explorer due to defense in depth changes introduced in cumulative security update 896688 (MS05-052)
  • A Web page that contains an ActiveX control may not load as expected in Internet Explorer. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
    909738  (http://support.microsoft.com/kb/909738/ ) A Web page that contains a custom ActiveX control may not load as expected in Internet Explorer due to defense in depth changes introduced in cumulative security update 896688 (MS05-052)
  • The use of monikers is no longer supported in Internet Explorer. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
    906294  (http://support.microsoft.com/kb/906294/ ) The use of monikers is no longer supported in Internet Explorer after installing the security updates provided by cumulative security update 896727 (MS05-038)
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

APPLIES TO
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Datacenter x64 Edition
  • Microsoft Windows Small Business Server 2003 Premium Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Media Center Edition 2005
  • Microsoft Small Business Server 2000 Standard Edition
Keywords: 
kbwinserv2003sp2fix kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbwinxppresp2fix kbbug kbfix kbwinserv2003presp1fix kbwin2000presp5fix kbwinnt400presp7fix KB916281
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support