Microsoft Releases Outlook Patch

Microsoft released a patch that remedies a security vulnerability in Outlook and Outlook Express. The vulnerability exists because the component in Outlook and Outlook Express that processes the virtual business card (vCard) has an unchecked buffer.

A malicious user could exploit this vulnerability by creating a vCard that contains specially malformed data and sending it to another user. When the recipient opens the vCard, the data overruns the buffer. This causes the e-mail program to stop functioning until it is restarted. In a more serious potential case, a malicious user could exploit the unchecked buffer to run unauthorized on the other user’s computer.

The patch is available on Microsoft’s Web site. It applies to Internet Explorer 5.01 Service Pack 1 and Internet Explorer 5.5 Service Pack 1. – Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.