MS06-061: Security update for Microsoft XML Core Services 6.0

Microsoft has released security bulletin MS06-061. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

• Home users:
  http://www.microsoft.com/athome/security/update/bulletins/200610.mspx
• IT professionals:
  http://www.microsoft.com/technet/security/bulletin/ms06-061.mspx

Known issues with this security update

• If you have multiple versions of Microsoft XML Parser or Microsoft XML Core Services (MSXML) installed, you may have to install multiple packages for this security update. Additionally, if you install a version of MSXML after you install this security update, you may have to install an additional package for this security update. For more information about the different MSXML versions that are available or included with various Microsoft products or software updates, click the following article number to view the article in the Microsoft Knowledge Base:
  269238 List of Microsoft XML Core Services (XML Parser) versions
• Security update packages 925672 and 925673 for MSXML 4.0 Service Pack 2 (SP2) and MSXML 6.0 are complete installation packages. You can use these packages to install MSXML 4.0 SP2 or MSXML 6.0 on a computer that has no earlier versions of MSXML 4.0 or MSXML 6.0 installed. You can also use these packages to update an existing installation of MSXML 4.0 or MSXML 6.0. However, Windows Update and Microsoft Update only offer these packages if an earlier version of MSXML 4.0 or MSXML 6.0 is already installed on your computer. If you do not have an earlier version of MSXML 4.0 or MSXML 6.0 installed, download and install these packages from the Microsoft Download Center.
  
  The files that are installed by security update packages 925672 and 925673 for MSXML 4.0 SP2 and MSXML 6.0 are listed in the following tables.
  
  MSXML 6.0 is not installed

  File Name	Version	Date	Time	Size
  Msxml6.dll	6.0.3888.0	1-Sep-06	12:08	1.27 MB
  Msxml6r.dll	6.0.3883.0	19-Jul-06	10:55	84.6 KB

  MSXML 6.0 is installed

  File Name	Version	Date	Time	Size
  Msxml6.dll	6.0.3888.0	1-Sep-06	12:08	1.27 MB

  MSXML 4.0 is not installed

  File Name	Version	Date	Time	Size
  Msxml4.dll	4.20.9839.0	12-Sep-06	5:51	1216 KB
  Msxml4r.dll	4.10.9404.0	12-Jul-06	5:49	80.5 KB

  Note This security update is installed in both the %SystemRoot%\System32 folder and the side-by-side folder.
  
  MSXML 4.0 is installed

  File Name	Version	Date	Time	Size
  Msxml4.dll	4.20.9839.0	12-Sep-06	5:531	1.18 MB

  Note This security update is installed in both the %SystemRoot%\System32 folder and the side-by-side folder.
• When you remove security update 925673 for MSXML 6.0, MSXML 6.0 is completely removed from your computer.
• Security update package 925672 for MSXML 4.0 SP2 does not support completely removing MSXML 4.0 because this version of MSXML is installed in side-by-side mode. To work around this issue, follow these steps:
  1. Use Add or Remove Programs to remove security update 925672.
  2. Delete the MSXML4.dll file from the %SystemRoot%\System32 folder.
  3. Use Add or Remove Programs to repair MSXML 4.0.
  The earlier versions of the Msxml4.dll file and the Msxml4r.dll file are restored to both the %SystemRoot%\System32 folder and the side-by-side folder.
• The security update packages for MSXML 3.0 only update the MSXML3.dll file. The resource files are not updated for this version.