| Patch Name : |
OE6.0sp1-KB941202-Windows2000-x86-ENU.exe |
| Patch Description : |
Security Update for Outlook Express 6 Service Pack 1 (KB941202) |
| Bulletin Id : |
MS07-056 |
| Bulletin Title : |
Security Update for Outlook Express and Windows Mail (941202). |
| KnowledgeBase : | 941202 |
| Severity : |
Critical |
| Location Path : | OE6.0sp1-KB941202-Windows2000-x86-ENU.exe |
| Bulletin Summary: |
This critical security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page.
This is a critical security update for all supported versions of Microsoft Outlook express and Microsoft Windows Mail. For more information, see the subsection, Affected and Non-Affected Software, in this section.
This security update removes the vulnerability by changing the newsgroup client to handle malformed responses correctly. |
| Superceding Bulletin Id : |
MS08-048 |
| Patch Release Date : |
Oct 9, 2007 |
| CVE Id : | CVE-2007-3897 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Outlook Express 6.0 | Internet Explorer 6 SP1 |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\Inetcomm.dll | 6.0.2800.1914 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Outlook Express 6\SP1\KB941202-OE6SP1-20070820.120000 | | -2 |
|
