further on patch for outlook security issue MS03-014

  • From: "Jamie A. Byrnes" <jabyrnes@xxxxxxxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 28 Apr 2003 09:52:11 +0930

All

 

A security friend has advised me that the listed patch for outlook
express also fixes the issue for outlook versions as well. I think he is
probably correct in thinking that MHTML is only implemented in one spot
and used by all three components (OE,IE,outlook) but the advisory just
isn't all that clear. The passage in question is:

 

MHTML is a standard for exchanging HTML content in e-mail and as a
result the MHTML URL Handler function has been implemented in Outlook
Express.  Internet Explorer can also render MHTML content, however the
MHTML function has not been implemented separately in Internet Explorer
- it simply uses Outlook Express to render the MHTML content. 

 

If I get time I will try to do a file trace when installing the patch
and see what we get.

 

Has anyone else had advice regarding this patching issue?

 

 

Jamie.

 

Other related posts:

  • » further on patch for outlook security issue MS03-014