Microsoft has a security update for Internet Explorer 6, 5.5 SP2, and 5.01 SP2 that resolves three security vulnerabilities. Specific information about the vulnerabilities is provided in Microsoft security bulletin MS01-051 (thanks LIGHTNiNG! for the tip):
This update eliminates three security vulnerabilities affecting Internet Explorer, and is discussed in Microsoft Security Bulletin MS01-051. Download now to prevent a malicious user from taking advantage of the Zone Spoofing vulnerability, the HTTP Request Encoding vulnerability, or a new variant of the Telnet Invocation vulnerability in Internet Explorer.
The first vulnerability involves how Internet Explorer handles URLs that include dotless IP addresses. (Note This vulnerability does not affect Internet Explorer 6.) The second vulnerability involves how Internet Explorer handles URLs that specify third-party sites. The third is a new variant of a vulnerability discussed in Microsoft Security Bulletin MS01-015, affecting how Telnet sessions are invoked via Internet Explorer.
| Operating systems | Windows 9x, Windows NT, Windows 2000, Windows XP |
| Download |