VULHUB ™

Microsoft Security Bulletin (MS00-046) - Patch Available for "Cache Bypass" vulnerability. Microsoft has released a patch for a security vulnerability in all versions of Outlook and Outlook Express. This vulnerability would allow an HTML mail to bypass the cache mechanism and create a file in a known location on the recipient's disk. If an HTML mail created an HTML file outside the cache, it would run in the Local Computer Zone when opened, allowing it to open a file on the user's computer and send it a malicious user's web site. The vulnerability also can be used as a way of placing an executable file on the user's machine or a way of reading any file. Microsoft FAQ on this issue available here.

Microsoft Security Bulletin (MS00-046) - Patch Available for "Cache Bypass" vulnerability. Microsoft has released a patch for a security vulnerability in all versions of Outlook and Outlook Express. This vulnerability would allow an HTML mail to bypass the cache mechanism and create a file in a known location on the recipient's disk. If an HTML mail created an HTML file outside the cache, it would run in the Local Computer Zone when opened, allowing it to open a file on the user's computer and send it a malicious user's web site. The vulnerability also can be used as a way of placing an executable file on the user's machine or a way of reading any file. Microsoft FAQ on this issue available here.