The IE Cumulative Security Update for April 2009 is now available via Windows Update or Microsoft Update.
This update addresses four privately reported vulnerabilities and two publicly disclosed vulnerabilities. The security update addresses these vulnerabilities by modifying the way that Internet Explorer searches the system for files to load, performs authentication reply validation, handles transition errors when navigating between Web pages, and handles memory object. For detailed information on the contents of this update, please see the following documentation:
This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, Internet Explorer 6, and Internet Explorer 7 running on all supported editions of Windows 2000, Windows XP and Windows Vista. For Internet Explorer versions running on all supported editions of Windows Server 2003 or Windows Server 2008, the update is rated Important. For Internet Explorer Beta products, download locations are available in the Knowledge Base Article.
IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer.
I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to configure their systems for automatic updates to keep their systems current with the latest updates from Microsoft.
Terry McCoy Program Manager Internet Explorer Security