April IE Security Update is Available

Hello. My name is Al Billings and I'm a test engineer on the Internet Explorer test team posting to the IE Blog for the first time.

I want to announce that the April 2005 security updates are available and that a critical update for Internet Explorer is included:

MS05-020 – Cumulative Security Update for Internet Explorer (890923)

This contains fixes for the following vulnerabilities:

DHTML Object Memory Corruption Vulnerability (CAN-2005-0553)
URL Parsing Memory Corruption Vulnerability (CAN-2005-0554)
Content Advisor Memory Corruption Vulnerability (CAN-2005-0555)

Details on the vulnerabilities and workarounds can be found at http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx.

This is a “critical” update and affects all supported IE configurations from IE5.01 to IE6 for XPSP2. It is also a cumulative update. It includes hotfixes that have been released since the release of MS04-004 or MS04-025 but they will only be installed on systems that need them.

I encourage everybody to download these updates and other non-IE updates via Windows Update. Windows users are also strongly encouraged to turn on automatic updates on their systems so updates are downloaded more easily.

IEBlog

Internet Explorer Home Page

Internet Explorer Developer Center

Internet Explorer Feedback

Internet Explorer Testing Center

EricLaw's IEInternals

Exploring IE

IE Test Drive Demos

MSDN Channel 9

Microsoft Safety & Security Center

Building Windows 8

Windows Store for developers blog

Windows 8 app developer blog

Rey Bango’s blog

April IE Security Update is Available