Alert

Vulnerability in Microsoft Outlook 2002

Last Revised
Alert Code
SA04-070A

Systems Affected

 

Systems running Microsoft Office XP and Outlook 2002

 

Overview

 

There is a vulnerability in Outlook 2002 that could allow attackers to take control of your computer.

 

Description

 

By taking advantage of the way Outlook interprets email links, an attacker may be able to gain control of your computer.

A technical description of these vulnerabilities is available from US-CERT in TA04-070A and from Microsoft in MS04-009.

Resolution

Apply a patch

Microsoft's Office Security Update for March 2004 links to the necessary patches.

References

  • US-CERT Technical Alert TA04-070A - <http://www.us-cert.gov/cas/techalerts/TA04-070A.html>
  • Microsoft's Office Security Update for March 2004 - <http://www.microsoft.com/security/security_bulletins/20040309_office.asp>
  • Microsoft Security Bulletin MS04-009 - <http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx>

This document is available from <http://www.us-cert.gov/cas/alerts/SA04-070A.html>

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

  • March 10, 2004: Initial release

    Last updated 

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.