IE August Security Update is Now Available

The IE Cumulative Security Update for August 2007 is now available via Windows Update. Alternatively, you can receive this and all other Microsoft updates via the new Microsoft Update. I encourage you to upgrade to Microsoft Update if you haven’t already to ensure that you receive the latest updates for all Microsoft products.

This update addresses 3 remote code execution vulnerabilities. This bulletin also includes killbits for some vulnerable third-party ActiveX controls. These have been set at the request of the owners. For detailed information on the contents of this update, please see the following documentation:

This updated is rated “Critical” for IE 5.01, IE6 Service Pack 1 on Windows 2000, IE6 and Windows XP; “Moderate” for IE6 on Windows Server 2003; “Important” for IE7 on Windows XPSP2 and IE7 in Windows Vista; “Low for IE7 on Windows Server 2003.

This update also addresses an unexpected “Save File” security dialog experienced by some users upon launching Internet Explorer after relocating the “Temporary Internet Files” folder to a custom location. We posted about this behavior here.

As a reminder, IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer.

I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to configure their systems for automatic updates to keep their systems current with the latest updates from Microsoft.

Terry McCoy
Program Manager
Internet Explorer Security