Neowin.net

This is a cumulative patch that includes the functionality of all previously released patches for Internet Explorer 5.01, 5.5 and 6.0. In addition, it eliminates two newly discovered vulnerabilities:

• A buffer overrun vulnerability that occurs because Internet Explorer does not properly determine an object type returned from a web server. It could be possible for an attacker who exploited this vulnerability to run arbitrary code on a user's system. If a user visited an attacker’s website, it would be possible for the attacker to exploit this vulnerability without any other user action. An attacker could also craft an HTML email that attempted to exploit this vulnerability.
  
• A flaw that results because Internet Explorer does not implement an appropriate block on a file download dialog box. It could be possible for an attacker to exploit this vulnerability to run arbitrary code on a user's system. If a user simply visited an attacker’s website, it would be possible for the attacker to exploit this vulnerability without any other user action. An attacker could also craft an HTML email that attempted to exploit this vulnerability.

In order to exploit these flaws, the attacker would have to create a specially formed HTML email and send it to the user. Alternatively an attacker would have to host a malicious web site that contained a web page designed to exploit these vulnerabilities. The attacker would then have to persuade a user to visit that site.

As with the previous Internet Explorer cumulative patches released with bulletins MS03-004 and MS03-015, this cumulative patch will cause window.showHelp( ) to cease to function if you have not applied the HTML Help update. If you have installed the updated HTML Help control from Knowledge Base article 811630, you will still be able to use HTML Help functionality after applying this patch.

Download: Cumulative Patch for Internet Explorer (818529) [Select your language]
View: Microsoft Security Bulletin MS03-020 - Cumulative Patch for Internet Explorer (818529)
News source: Microsoft Internet Explorer Critical Patch

During first stage of V5 beta, we will be concentrating on two major issues:
WU Web Site beta testing - including gross and detailed site functionality, site UI, and site text

1. WU content Beta testing - all content delivered through the WU site (with the exception of Security Updates, there is another channel for those) will have a specific beta release/test period. This includes driver update content.
   
2. After the initial beta period, the WU V5beta program will continue to be involved in Beta update testing of software and driver content prior to their RTW ('going live') on the v5 site.
   
3. Platform - current plans for V5 Beta are that all beta testers will require a platform of windows 2000 SP2 and later, for a testing platform.
   
4. No one in either WU Beta or Office Beta groups have been enrolled in the V5 beta program, yet.

Neowin Note: This is probably the reason for the previous questionnaire on betaplace asking "Which Operating systems do you want to see on Windows Update" so if you haven't completed the questionnaire yet now might be a good time to do so.