Reported April 13, 2004, by Microsoft.
VERSIONS AFFECTED
·
Windows
Server 2003
·
Windows
XP
·
Windows
2000 Server
·
Windows
NT Server 4.0 Service Pack (SP) 6a
·
NT
Server 4.0, Terminal Server Edition (WTS) SP6
·
NT
Workstation 4.0 SP6a
·
Windows
Me
·
Windows
9x
DESCRIPTION
A new vulnerability exists in
Microsoft Outlook Express that could result in the execution of arbitrary code
on the vulnerable system.
VENDOR RESPONSE
Microsoft has released security bulletin
MS04-013, "Cumulative Security
Update for Outlook Express (837009),"
to address this vulnerability and recommends that affected users apply the
appropriate patch listed in the bulletin.
CREDIT
Discovered by Microsoft.