After you install security update 867282 that is included with Security Bulletin MS05-014, Internet Explorer crashes when you copy images from Web sites that use the <input type=image> tag

After you install security update 867282 that is included with Microsoft Security Bulletin MS05-014, Microsoft Internet Explorer crashes when you copy images from Web sites that use the <input type=image> tag.

A change was included in security update 867282 that helps to block a specific, potentially malicious scenario of dragging a Microsoft Excel spreadsheet that looks similar to an image to your desktop. The code that was changed to help block this scenario is used for drag-and-drop operations and for image copy operations. Because of the change, a logic error was introduced that can cause Internet Explorer to crash when you copy images from the <input type=image> tag.

To resolve this problem, install security update 890923 (MS05-020). For more information about security update 890923, click the following article number to view the article in the Microsoft Knowledge Base:

Workaround for Web developers

If you have a site that uses the <input type=image> tag, you can do the following things to work around this issue:

• To display an image, you can use the img element, for example <img src=�sample.gif�>, instead of using the input element with a type attribute that specifies an image.
• To submit the coordinates of the image that the user clicked on, you can use the <img> element and an <onclick> handler to capture the coordinates and to submit them through the <input type=submit> control. For example, use the following code.

  <script>
  function ClickHandler(e)
  {
   document.all.form1.imgx.value = e.offsetX;
   document.all.form1.imgy.value = e.offsetY;
   document.all.form1.submit();
  }
  </script>
  <form action="form.asp" method="post" id=form1 name=form1>
  <input type=hidden name="imgobj.x" id=imgx value=0>
  <input type=hidden name="imgobj.y" id=imgy value=0>
  <img src=someimage.jpg onclick="ClickHandler(event);">
  </form>

We are working on a software update to resolve this issue. This update will be included in the next Internet Explorer security update.

Workaround for Web users

To work around this issue, follow these steps:

1. Right-click the image that uses the <input type=image> tag, and then click Save Picture As to save the image file to the desktop.
2. Click Start , click Run, type mspaint in the Open box, and then click OK.
3. In Microsoft Paint, click Open on the File menu.
4. Click to select the image file that you saved to the desktop, and then click Open.
5. On the Edit menu, click Select All to select the image.
6. On the Edit menu, click Copy.

You can now paste the image to other applications.

For additional information about MS05-014, click the following article number to view the article in the Microsoft Knowledge Base: