IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

ADVISORY 00-050

"Malformed E-mail Header Vulnerability"
July 21, 2000

See Microsoft Security Advisory MS00-043
Posted July 18, 2000/ Updated July 20, 2000

On July 20, 2000, Microsoft Corp. released an updated bulletin to announce the availability of patches that eliminate a security vulnerability in Microsoft Outlook and Outlook Express. Under certain conditions, this vulnerability could allow a malicious user to cause code of his choice to execute on another user's computer.

The patch eliminates this vulnerability as well as those discussed in Microsoft Security Bulletins MS00-045 and MS00-046. Users are urged to download and install this patch. Users who already have taken the corrective action discussed in either of these bulletins do not need to take any additional action.

Please report any illegal or malicious activities to your local FBI office or the NIPC, and to your military or civilian computer incident response group, as appropriate.