This is a cumulative patch that includes the functionality of all previously released patches for Internet Explorer 5.01, 5.5 & 6.0. In addition, it eliminates the following newly discovered vulnerabilities:

A vulnerability that occurs because Internet Explorer does not properly determine an object type returned from a Web server in a popup window.
A vulnerability that occurs because Internet Explorer does not properly determine an object type returned from a Web server during XML data binding.

In addition, a change has been made to the method by which Internet Explorer handles Dynamic HTML (DHTML) Behaviors in the Internet Explorer Restricted Zone.

Patch availability:
All versions except Microsoft Internet Explorer 6.0 for Windows Server 2003
Microsoft Internet Explorer 6.0 for Windows Server 2003