If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)
[Crossposting deleted.]
Please note that previous posts in this thread were all crossposted to several non-Win98 newsgroups. -- ~PA Bear PCR wrote: Eee-Yow, three of them!! You will drive Colorado mad! He has forsworn all Windows Updates! MS04-018 - Cumulative Security Update for Outlook Express (823353) http://www.microsoft.com/technet/sec.../ms04-018.mspx Microsoft Security Bulletin MS04-018 Cumulative Security Update for Outlook Express (823353) Issued: July 13, 2004 Version: 1.0 Executive Summary: This update resolves a public vulnerability. A denial of service vulnerability exists in Outlook Express because of a lack of robust verification for malformed e-mail headers. The vulnerability is documented in the Vulnerability Details section of this bulletin. This update also changes the default security settings for Outlook Express 5.5 Service Pack 2 (SP2). This change is documented in the Frequently Asked Questions related to this security update section of this bulletin. If a user is running Outlook Express and receives a specially crafted e-mail message, Outlook Express would fail. If the preview pane is enabled, the user would have to manually remove the message, and then restart Outlook Express to resume functionality. We recommend that customers consider applying the security update. Summary Who should read this document: Customers who use Microsoft® Outlook Express® Impact of Vulnerability: Denial of Service Maximum Severity Rating: Moderate Recommendation: Customers should consider applying the security update. Security Update Replacement: This bulletin replaces MS04-013: Cumulative Update for Outlook Express and any prior Cumulative Security Updates for Outlook Express. Caveats: None Tested Software and Security Update Download Locations: Affected Softwa .Microsoft Windows NT® Workstation 4.0 Service Pack 6a .Microsoft Windows NT Server 4.0 Service Pack 6a .Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 .Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 .Microsoft Windows XP and Microsoft Windows XP Service Pack 1 .Microsoft Windows XP 64-Bit Edition Service Pack 1 .Microsoft Windows XP 64-Bit Edition Version 2003 .Microsoft Windows ServerT 2003 .Microsoft Windows Server 2003 64-Bit Edition .Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) - Review the FAQ section of this bulletin for details about these operating systems. Affected Components: .Microsoft Outlook Express 5.5 Service Pack 2: Download the Update .Microsoft Outlook Express 6: Download the Update .Microsoft Outlook Express 6 Service Pack 1: Download the Update .Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition): Download the Update .Microsoft Outlook Express 6 on Windows Server 2003: Download the Update .Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition): Download the Update The software in this list has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Microsoft Security Bulletin MS04-024 - Vulnerability in Window | The Unknown P | General | 4 | July 15th 04 02:20 AM |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) | Gary S. Terhune | General | 2 | July 14th 04 05:06 AM |
Microsoft Security Bulletin MS04-023--Please Note! | Gary S. Terhune | General | 4 | July 14th 04 04:39 AM |