Follow Up to Internet Explorer May 2007 Security Update

After downloading the Internet Explorer Cumulative Security Update for May 2007, some users have experienced an unexpected “Save File” security dialog upon launching Internet Explorer. This might occur when the “Temporary Internet Files” folder is moved to a custom location and Internet Explorer does not have appropriate access rights to the new folder location. 

The Internet Explorer Team  is currently investigating appropriate solutions for this user scenario. For your security, we strongly recommend that you deploy the Internet Explorer Cumulative Security Update for May 2007. If you experience this issue, we recommend implementing one of the workarounds provided in the following knowledge base article:

· Microsoft Knowledge Base article 937409

Geoffrey Silva
Program Manager
Internet Explorer Security

Comments

  • Anonymous
    May 16, 2007
    PingBack from http://www.ie7security.net/2007/05/16/follow-up-to-internet-explorer-may-2007-security-update/

  • Anonymous
    May 16, 2007
    when will you start IE7 of china,japan,korea  auto-update?

  • Anonymous
    May 16, 2007
    when will you start IE7 of china,japan,korea  auto-update?

  • Anonymous
    May 16, 2007
    james IE7 slip to Q3(2007-07 ~ 2007-09). www.microsoft.com/japan/technet/updatemanagement/windowsupdate/ie7announcement.mspx IETeam does NOT like CJK(China, Japan, Korea)-DBCS(Double Byte Chanacter Set) language. I'm from Japan ;-(

  • Anonymous
    May 16, 2007
    I have XP Pro with latest updates and have the same problem. My solution was to disable phishing filter -- under Internet Options | Advanced | Security | Phishing Filter and set it to "Disable Phishing Filter". Note the KB tells you that you can work around this problem by setting permissions on temporary internet files folder. This is not the case, at least here. The folder had "full control" allowed to all users in admin group and I as the computer user also belong to that admin group. Adding my user with full control to the permissions list, as instructed, does not change anything. My Internet Temporary Files folder is under C:temp.

  • Anonymous
    May 16, 2007
    Just a note on MSKB article KB937409: We've seen some reports i.e. in the windowsupdate newsgroup, that users who did not have moved the TIF folder from it's genuine location ran into the issue. According to my researches it's irrelevant whether the Temporary Internet Files folder has been moved from the default location. The issue is the (in Windows Explorer by default non-visible) subfolder "PhishingFilter". Deleting that folder will solve the issue in case some rans into. Also moving the TIF folder via the Internet Options to any other folder will relsolve the issue too, since with moving the TIF the "PhisingFilter" subfolder is deleted and recreated as soon as you don't have the Phishing Filter deactivated in the Internet Options (Advanced -> Security). To summarize: Moving the TIF folder (temporary) to any folder will relsove the issue for those users which run into the quirks. FWIW, Freudi

  • Anonymous
    May 16, 2007
    why will not you start auto-updat of china,japan,korea IE7 ?   Do you really dislike CJK(China, Japan, Korea)-DBCS(Double Byte Chanacter Set) language ?

  • Anonymous
    May 16, 2007
    Oh, and yes, I wonder whether it's intended that on localized Windows version the "Temporary Internet Files" folder gets "renamed" to a localized string ("Temporäre Internetdateien" on German languaged Windows XP SP2 with IE7) after beeing moved. Bye, Freudi

  • Anonymous
    May 17, 2007
    yeah uhm TIF is a system folder Admin accounts can't actualy change security.  Oh and if you move the the TIF IE works once, with one tab.  Any way keep trying.  I'll just turn off antiPhising feature.

  • Anonymous
    May 17, 2007
    The comment has been removed

  • Anonymous
    May 17, 2007
    The comment has been removed

  • Anonymous
    May 17, 2007
    Aedrin I think you should do a little research as I spent about a week with Vista. Vista In-Depth http://www.jabcreations.com/home/home-news-2007-1.php#news-02-01-2007-1 Vista Conclusion http://www.jabcreations.com/home/home-news-2007-1.php#news-02-06-2007-1 This of course does not include time I spent with the Beta. Part of the point of all my criticisms of Microsoft is the lack of consistency. IE6 and IE7 are not consistent in GUI design just as the functionality between XP and Vista is not consistent (for example many games no longer have 3D audio support in Vista). While I have plenty of criticisms about Windows and IE (who doesn't?) there are many positive things both the Windows platform and the IE team have contributed. I'll pick two: the IE team brought us favicons (my Firefox bookmarks toolbar is almost completely textless favicons) and Windows is the only keyboard-only accessible OS (with Gecko being the only browser that fully supports the focus pseudo-element. Try navigating my version 2.8 (28th version) test case of my website in Linux or OSX without your mouse: you can't and this is an OS level issue as the behavior is consistent between all OSX and *nix browsers. This ship might be leaky but it's sure brought us a long way!

  • Anonymous
    May 18, 2007
    Why IE works in Vista ONLY if protected mode is off? Since I purchased a Dell E520 with Vista preinstalled it was a mess. It was two month ago and stil I cannot use my system. And I paid it more than €1.600,00! E520 is connected to a home LAN on which are connected two laptops and another desktop, all XP based. LAN is connected to Internet through a USR9003 ADSL Router. All PC can use any application to connect to Internet. The Vista based one cannot, EVEN when Firewall is disabled. IE can connect, but only if Protected Mode is off. I can send e-mail too. But Windows Live Messenger cannot connect, nor Skype 3.2, nor Firefox 2.x, or the latest version of Second Life. I suspect it is some incompatibility in TCPIP stack. I tried hundreds of test to check the most common causes, and TCPIP config is the last chance. I could use NETSH to change parameters but.. how? What's different in Vista with respect XP????

  • Anonymous
    May 19, 2007
    Has anyone noticed that in Vista x64 attempting to load a XPS document from a webpage with protected mode on will cause a loop that doesn't stop until you can close the offending window? (difficult with the save dialog constantly cycling!)

  • Anonymous
    May 22, 2007
    Maybe I'm missing something, but that doesn't happen to me. I'm on Vista x64 and I've never experienced the "loop" you've described in protected mode. I can tell you that if you are experiencing that problem, use your keyboard and mouse simultaneously (lost art), and it should be easy to close the offending window :).

  • Anonymous
    May 22, 2007
    why will not you start auto-updat of china,japan,korea IE7 ?  

  • Anonymous
    May 23, 2007
    Oooops, I meant the "AntiPhishing" folder which is used/created with PhishingFilter beeing enabled. http://blogs.msdn.com/ie/archive/2007/05/16/follow-up-to-internet-explorer-may-2007-security-update.aspx#2690774 Bye, Freudi

  • Anonymous
    May 23, 2007
    Is there a different about security IE7 Vista version adn IE6 update version I compare them but I don't find where is the different! Thanks http://www.chattr.de

  • Anonymous
    May 25, 2007
    We had a few clients that were thrown off by the save file dialog and thought they were infected. If nothing else, it's getting folks to run a good spyware scan!

  • Anonymous
    August 14, 2007
    The IE Cumulative Security Update for August 2007 is now available via Windows Update . Alternatively,