Hello. My name is Al Billings and I'm a test engineer on the Internet Explorer test team posting to the IE Blog for the first time.
I want to announce that the April 2005 security updates are available and that a critical update for Internet Explorer is included:
- MS05-020 – Cumulative Security Update for Internet Explorer (890923)
This contains fixes for the following vulnerabilities:
- DHTML Object Memory Corruption Vulnerability (CAN-2005-0553)
- URL Parsing Memory Corruption Vulnerability (CAN-2005-0554)
- Content Advisor Memory Corruption Vulnerability (CAN-2005-0555)
Details on the vulnerabilities and workarounds can be found at http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx.
This is a “critical” update and affects all supported IE configurations from IE5.01 to IE6 for XPSP2. It is also a cumulative update. It includes hotfixes that have been released since the release of MS04-004 or MS04-025 but they will only be installed on systems that need them.
I encourage everybody to download these updates and other non-IE updates via Windows Update. Windows users are also strongly encouraged to turn on automatic updates on their systems so updates are downloaded more easily.