News

Microsoft Puts Out 2 Security Bulletins

Microsoft issued new security bulletins warning users of moderate threats due to vulnerabilities in Internet Explorer and Microsoft Outlook 2002.

The Internet Explorer vulnerability affects versions 5.5 and 6.0 but not 5.01. It is addressed in a cumulative patch for Internet Explorer that can be found at http://www.microsoft.com/technet/security/bulletin/MS02-068.asp.

The new vulnerability involves a flaw in IE's cross-domain security model that arises from IE's incomplete security checks when certain object caching techniques are used on Web pages. The flaw could result in information disclosure.

The flaw in Microsoft's flagship e-mail client exists in the way Outlook 2002 processes e-mail header information. To execute this denial of service attack, an attacker would need to send a specially malformed e-mail to the Outlook 2002 user. The message would cause Outlook 2002 to fail and the e-mail client application would continue to fail until the message is removed from the server. The message removal could be done at the server level by an administrator or by the client using another e-mail client, such as Outlook Web Access or Outlook Express.

The patch for the Outlook 2002 vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/MS02-067.asp.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.