May 25, 1999 Web posted at: 3:02 p.m. EDT (1902 GMT) by Brian Livingston

From...

(IDG) -- Last week, I reported that Microsoft had quietly placed a new, bug-fix version of Internet Explorer 5 on its download site. This week, I cover more things that IE does and does not do.

I'm still receiving reports of "DLL hell." This is what happens when one application changes DLL files that another application depends upon.

Reader John Bowne told me how installing IE 5 disabled Eudora Pro 3.0.5, CleanSweep Deluxe 3.8, and GetRight 3.3.3. IE 5 installs the DLLs olepro32.dll 5.0 and msvcrt40.dll 4.2. When Bowne uninstalled IE 5 and recopied Version 4.1.6038 of these DLLs, his system went back to normal. Eudora has a Web page describing these files at www.eudora.com/techsupport/kb/1343hq.html.

Developer Bill Menees reported a different problem with IE 5. Menees' ClockBand program replaces the TaskBar Clock with one that can show the date, day of the week, seconds, and other stuff. It works fine if you install it under IE 4.0 and then upgrade to IE 5. But Menees says ClockBand isn't displayed if installed after IE 5. Developers of other resizable TaskBar toolbars are reportedly having the same experience. Try ClockBand yourself at members.home.net/bmenees/Miscellaneous.htm.

I asked a Microsoft representative to comment on these problems. A week later, no definitive information has turned up. Maybe next week.

Meanwhile, there are other "gotchas" that Microsoft does know about -- and that you can do something to fix.

MORE COMPUTING INTELLIGENCE
	IDG.net home page
InfoWorld home page
InfoWorld forums home page
InfoWorld Internet commerce section
Get Media Grok and The Industry Standard Intelligencer delivered for free
Reviews & in-depth info at IDG.net
IDG.net's personal news page
Year 2000 World
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletter for IT leaders
Search IDG.net in 12 languages
News Radio
	Fusion audio primers
	Computerworld Minute

For example, there has been talk on the Internet about a security bug in IE 5. Say you view a secure Web page that requires a password. Now, anyone who has access to your PC can get into that same page without your password -- even after you've closed IE and logged out of Windows 98 or Windows NT.

All the intruder needs to do is go back through your IE history and find that "secure" site. When the password dialog box appears, clicking Cancel, then Back, then Forward allows the intruder in.

This "new" bug is actually a known problem with IE 4.0 as well.

A work-around in IE 5 is to pull down the Tools menu, then click Options. Click the Advanced tab, scroll down to "Security," and turn on "Empty Temporary Internet Files Folder When Browser Is Closed."

In IE 4.0, click View, Internet Options, Advanced, then scroll to "Security," and turn on "Delete Saved Pages When Browser Closed."

Another serious security problem is the DHTML Edit bug. This mainly affects IE 5, although you also may have the problem in IE 4.0 if you ever downloaded updates.

This so-called Dynamic HTML (DHTML) bug allows a bad Webmaster to copy files with known file names from your hard drive without your knowledge. Microsoft recently issued a patch for this problem. Another patch is available for several security holes in mshtml.dll, a file used by both IE 4.0 and 5.

To get the fixes, go to www.microsoft.com/windows/ie/security/default.asp, then click "DHTML Edit Control Update" or "MSHTML update," respectively.

Readers Bowne and Menees will receive free copies of Windows 98 Secrets for sending me the tips I printed.

Good news for IE 5 users

If you're already using IE 5 successfully -- and you're ready for some more tools and toys -- a whole passel of 'em are available for download from Microsoft. Here's a sampling.