Microsoft Releases New Security Fixes for Outlook 2000 & 2002
Microsoft released new versions of the Outlook View Control for Outlook 2002 and Outlook 2000 to close a major security vulnerability that lets malicious code do almost anything with your Outlook data, including deleting items and harvesting email addresses from messages, and even run code to work with system files. The Outlook View Control commonly appears in Team Folders Web pages and digital dashboards..
The Outlook 2002 Update: August 16, 2001, also fixes a programming problem with sorting
appointments and blocks attachments with a CLSID (a unique identifier for Windows
programming objects) in the file extension (another known security vulnerability). This
update is the second in what Microsoft plans as a regular series of Outlook updates to
address security issues.
http://office.microsoft.com/downloads/2002/olk1003.aspx
The Outlook 2000 Service Release 1 (SR1): View Control Security Update requires that
you install Office 2000 SR1 or SR1a first, but it doesn't require the Outlook Email
Security Update.
http://office.microsoft.com/downloads/2000/outlctlx.aspx
To fix the CLSID file-extension security vulnerability in Outlook 2000, Microsoft has
issued a new version of the Outlook Email Security Update.
