US-CERT Cyber Security Alert SA04-070A -- Vulnerability in Microsoft Outlook 2002

National Cyber Alert System

Cyber Security Alert SA04-070A

Vulnerability in Microsoft Outlook 2002

Original release date: March 10, 2004
Last revised: --
Source: US-CERT

Systems Affected

Systems running Microsoft Office XP and Outlook 2002

Overview

There is a vulnerability in Outlook 2002 that could allow attackers to take control of your computer.

Description

By taking advantage of the way Outlook interprets email links, an attacker may be able to gain control of your computer.

A technical description of these vulnerabilities is available from US-CERT in TA04-070A and from Microsoft in MS04-009.

Resolution

Apply a patch
Microsoft's Office Security Update for March 2004 links to the necessary patches.

References

US-CERT Technical Alert TA04-070A - <http://www.us-cert.gov/cas/techalerts/TA04-070A.html>

Microsoft's Office Security Update for March 2004 - <http://www.microsoft.com/security/security_bulletins/20040309_office.asp>

Microsoft Security Bulletin MS04-009 - <http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx>

This document is available from <http://www.us-cert.gov/cas/alerts/SA04-070A.html>

Revision History

March 10, 2004: Initial release

Last updated July 17, 2007

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting