Microsoft Security Bulletin MS00-068
Patch Available for OCX Attachment Vulnerability
Originally posted: September 26, 2000
Microsoft has released a patch that eliminates a security vulnerability that could cause certain email applications to fail, requiring the user to restart the e-mail client to resume normal operation.
- Media Player OCX as part of Microsoft Windows Media Player 7, and only when installed on systems running Outlook or Outlook Express.
Note: The vulnerability only occurs if both Windows Media Player 7 and an affected e-mail client (Outlook or Outlook Express) are installed on the same machine. Machines that only fulfill one of these conditions are not affected.
Vulnerability Identifier: CVE-2000-0929
Support: This is a fully supported patch. Information on contacting Microsoft Product Support Services is available at http://support.microsoft.com/contactussupport/?ws=support.
Security Resources: The Microsoft TechNet Security Web Site provides additional information about security in Microsoft products.
The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
- September 26, 2000: Bulletin Created.