Security Updates for Internet Explorer (March 2018) RRS feed

  • General discussion

  • I have report from Nesus that once we install match update the version of mshtml.dll will change to 11.0.9600.18953 but the file is not changing.

      KB : 4089187
      - C:\Windows\system32\mshtml.dll has not been patched.
        Remote version : 11.0.9600.18921
        Should be      : 11.0.9600.18953

    Note: The fix for this issue is available in either of the following updates:
      - KB4089187 : Cumulative Security Update for Internet Explorer
      - KB4088875 : Windows 7 / Server 2008 R2 Monthly Rollup

    I have installed both updates but still the file version is 11.0.9600.18946

    Can anyone have Resolution for this.

    • Changed type Mebikash Sunday, April 8, 2018 8:41 AM
    Saturday, April 7, 2018 7:22 AM

All replies

  • Have you tried to restart the computer?

    1. We may use Microsoft Baseline Security Analyzer tool to scan Vulnerability again, check what is the result with this tool:

    Download link:


    2. Check installed updates in Windows update, verify if these updates are actually installed on the computer.

    3. If these updates are not installed actually, but it indicates they are installed, then check if reset windows update component on the computer could fix the issue:

    Reset windows update component:


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, April 10, 2018 2:36 AM
  • Hi,

    Did you read his question properly? before replying to questions.

    I am also facing the same problem and haven't got any answer yet. 

    Tuesday, April 10, 2018 8:36 AM
  • It appears that KB4096040 reverted mshtml.dll from 18953 (installed with KB4089187) to 18946.  

    KB4096040 replaced KB4089187.

    If the replacement update downgraded the .dll, could it be that NESSUS just didn't get the memo?  That would be shocking, right?  ;)

    We're kind of struggling for a solution right now to the same high vulnerabilities on 2008r2 systems.  2012 r2 was unaffected, fortunately.

    • Edited by Ian_____ Tuesday, April 10, 2018 5:15 PM
    Tuesday, April 10, 2018 5:12 PM
  • It looks like Microsoft released a patch KB4096040, which applies to Windows 7 SP1 and Server 2008 R2 SP1, after this Plugin 108295 was last updated that rolls back the IE version to 11.0.9600.18946. So currently the Plugin 108295 is reporting that the IE version should be 11.0.9600.18953

    The KB4096040 update replaces security update 4089187 with the lower dll version 11.0.9600.18946:

    KB4089187    2/16/2018       11.0.9600.18953
    KB4096040    3/3/2018         11.0.9600.18946

    Uninstalling both KB4089187 and KB4096040 and then reinstalling KB4089187 did the trick for us.

    Tuesday, April 10, 2018 7:36 PM
  • We're showing a new IE update available to 2008R2 systems that updates mshtml.dll to 11.0.9600.18978.  installed and confirmed.
    Wednesday, April 11, 2018 2:53 PM