Determina Fix for CVE-2006-1359 Existing Determina VPS users that are protecting vulnerable applications through VPS Custom Application Module are already protected against this vulnerability and they do not need to apply this runtime fix. This is a runtime fix for the IE createTextRange() vulnerability. It can be applied to Windows 2000, XP and 2003 systems running Internet Explorer 5.01 and 6.0. The vulnerability lies in the MSHTML.DLL rendering engine which is loaded into many applications for HTML rendering, including but not limited to Internet Explorer, Microsoft Office and so on. The installation of the fix consists of adding the fix DLL to the AppInit_DLLs registry key in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows The MSI installation will do this automatically. This will enable loading this fix DLL into all the vulnerable applications. The fix does not modify any file or application on the disk. It will only modify the vulnerable applications and DLLs in memory. The fix will not be applied to any processes that are running at the time of the installation. You have to restart IE, Outlook and any other process that needs to be protected. After the installation, run status.exe to verify that your system is protected. If you have a version of MSHTML.DLL that the patch does not support, status.exe will say that the protection is not active. Once Microsoft releases an official patch and applied by the users, the Determina fix will not be applied any more. It will not cause any problems, but we recommend uninstalling it. To uninstall the fix, use "Add Remove Programs" in the Control Panel. To uninstall it manually, remove the DLL from the AppInit_DLLs key and restart your machine. Then you can delete the DLL. This tool does require administrative privileges on the vulnerable machines in order to install the tool and apply the fix.