Security Update, December 6, 2001 (Outlook Express 6)

Security Update, December 6, 2001 (Outlook Express 6)

This update resolves the "Outlook Express Restricted Sites zone bypass and file extension spoofing" security vulnerabilities in Outlook Express 6.0, and is discussed in Microsoft Security Bulletin MS01-058. Download now to prevent a malicious user from automatically initiating a file download when you open an attachment, or from causing an attachment, when you open it, to be identified by a different name and extension.

The first vulnerability allows a malicious user to create an HTML e-mail that could initiate a normal file download, when you open it, even if it was opened in the Restricted Sites Zone. The second vulnerability could, in one scenario, enable an attacker to identify an executable file as a text file, so the file appears safe to open.

For more information about these vulnerabilities, read Microsoft Security Bulletin MS01-058. (This site is in English.)

System Requirements

This update applies to Outlook Express 6.

How to use

Restart your computer to complete the installation.

How to uninstall

Uninstall is not available.

Print... | Close