Hello everyone, this is Christopher Budd.
I wanted to let people know that as part of our regular process, we’ve made an update to the Master KB article for MS07-027, 931768.
Specifically, we’ve added an entry pointing to a new KB article, 937409, that discusses an issue that can occur for IE 7 customers who have changed the default locations of the “Temporary Internet Files” after they apply MS07-027.
The update fully protects against the vulnerabilities detailed in the bulletin. The issue here is that after applying the update, these users may then see the File Download – Security Warning dialog box raised when starting IE. After you close the dialog, you then cannot start IE. This is because the permissions on the custom Temporary Internet Files directory are not the same as the permissions on the default Temporary Internet Files directory. The KB details two options to address this. You can either reset the Temporary Internet Files directory back to the default directory, or change the permissions on the custom directory to match those on the default Temporary Internet Files directory. The KB contains specific steps on how to do either of these.
Because this occurs in a customized installation, this isn’t a widespread issue. But we did want to make people aware of it. My colleague Geoffrey Silva has written about this on the IE Team weblog here.
Thanks.
Christopher
*This posting is provided “AS IS” with no warranties, and confers no rights.*