Security Bulletin

Microsoft Security Bulletin MS04-018 - Moderate

Cumulative Security Update for Outlook Express (823353)

Published: July 13, 2004

Version: 1.0

Issued: July 13, 2004
Version: 1.0

Summary

Who should read this document: Customers who use Microsoft® Outlook Express®

Impact of Vulnerability:  Denial of Service

Maximum Severity Rating: Moderate

Recommendation: Customers should consider applying the security update.

Security Update Replacement: This bulletin replaces MS04-013: Cumulative Update for Outlook Express and any prior Cumulative Security Updates for Outlook Express.

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

  • Microsoft Windows NT® Workstation 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
  • Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows XP and Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP 64-Bit Edition Service Pack 1
  • Microsoft Windows XP 64-Bit Edition Version 2003
  • Microsoft Windows Server™ 2003
  • Microsoft Windows Server 2003 64-Bit Edition
  • Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) - Review the FAQ section of this bulletin for details about these operating systems.

Affected Components:

The software in this list has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

General Information

Executive Summary

Executive Summary:

This update resolves a public vulnerability. A denial of service vulnerability exists in Outlook Express because of a lack of robust verification for malformed e-mail headers. The vulnerability is documented in the Vulnerability Details section of this bulletin. This update also changes the default security settings for Outlook Express 5.5 Service Pack 2 (SP2). This change is documented in the Frequently Asked Questions related to this security update section of this bulletin.

If a user is running Outlook Express and receives a specially crafted e-mail message, Outlook Express would fail. If the preview pane is enabled, the user would have to manually remove the message, and then restart Outlook Express to resume functionality.

We recommend that customers consider applying the security update.

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers Impact of Vulnerability Outlook Express 5.5 SP2 Outlook Express 6 Outlook Express 6 SP1 Outlook Express 6 (64 bit Edition) Outlook Express 6 for Windows Server 2003 Outlook Express 6 Windows Server 2003 (64-bit Edition)
Malformed E-mail Header Vulnerability - CAN-2004-0215 Denial of Service None Moderate None None None None

This assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.

What updates does this release replace?
This is a cumulative update that includes the functionality of all the previously-released updates for Outlook Express 5.5 and Outlook Express 6. The security bulletin ID and operating systems that are affected for the previous Outlook Express update are listed in the following table.

Bulletin ID Outlook Express 5.5 SP2 Outlook Express 6 Outlook Express 6 SP1 Outlook Express 6 (64 bit Edition) Outlook Express 6 for Windows Server 2003 Outlook Express 6 Windows Server 2003 (64-bit Edition)
MS04-013 Replaced Replaced Replaced Replaced Replaced Replaced

Does this update contain any other changes to functionality?
Yes. In addition to the change that is listed in the Vulnerability Details section of this bulletin, this update includes the following changes in functionality:

  • Sets Outlook Express 5.5 SP2 to view HTML e-mail messages in the Restricted Sites zone.
  • Fixes a behavior that was introduced in MS03-014 where Outlook Express 6 SP1 and later creates a copy of the Windows Address Book in a predictable location with a file name of “~”. After you install this update, Outlook Express will no longer create this copy of the Windows Address Book in a predictable location.

How does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?
Microsoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site.

For more information about severity ratings, visit the following Web site.

Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by any of the vulnerabilities that are addressed in this security bulletin?
No. None of these vulnerabilities are critical in severity on Windows 98, on Windows 98 Second Edition, or on Windows Millennium Edition.

I'm still using Microsoft Windows NT 4.0 Workstation Service Pack 6a or Windows 2000 Service Pack 2, but extended security update support ended on June 30, 2004. However, this bulletin has a security update for these operating system versions. Why is that?
Windows NT 4.0 Workstation Service Pack 6a and Windows 2000 Service Pack 2 have reached the end of their life cycles as previously documented, and Microsoft extended this support to June 30, 2004. However, the end-of-life for the extended support period occurred very recently. In this case, the majority of the steps that are required to address this vulnerability were completed before June 30, 2004. Therefore, we have decided to release security updates for these operating system versions as part of this security bulletin. We do not anticipate doing this for future vulnerabilities affecting these operating system versions, but we reserve the right to produce updates and to make these updates available when necessary.

It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to future vulnerabilities. For more information about the Windows Product Life Cycle, visit the following Microsoft Support Lifecycle Web site. For more information about the extended security update support period for these operating system versions, visit the following Microsoft Product Support Services Web site.

Customers who require additional support for Windows NT Workstation 4.0 SP6a must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of phone numbers. When you call, ask to speak with the local Premier Support sales manager.

For more information, see the Windows Operating System FAQ.

I just scanned my system by using the Microsoft Baseline Security Analyzer (MBSA) and it did not tell me that I had to install this update. Am I at risk?
MBSA does not currently scan for Outlook Express-related security updates. However, Windows Update will successfully detect and install this update if it is required. For more information about MBSA and the products that MBSA currently scans, visit the following Microsoft Web site.

Can I use Systems Management Server (SMS) to determine if this update is required?
No. SMS uses MBSA for detection and this update is not detected by MBSA. However, the registry key information that is available in this bulletin can also be used to write specific file and registry key collection queries in SMS to detect vulnerable systems. For information about how to deploy updates not supported by MBSA with SMS, please review Knowledge Base article 867832 or visit the SMS Web site.

Vulnerability Details

Malformed E-mail Header Vulnerability - CAN-2004-0215:

A denial of service vulnerability exists that could allow an attacker to send a specially crafted e-mail message causing Outlook Express to fail.

Mitigating Factors for Malformed E-mail Header Vulnerability - CAN-2004-0215:

  • The following versions of Outlook Express are not affected by this vulnerability:
    • Microsoft Outlook Express 5.5SP2
    • Microsoft Outlook Express 6 SP1
    • Microsoft Outlook Express 6 SP1 (64-Bit Edition)
    • Microsoft Outlook Express 6 on Windows Server 2003
    • Microsoft Outlook Express 6 on Windows Server 2003 (64-Bit Edition)
  • If the preview pane is not enabled, the malicious e-mail message would have to be opened by the user for Outlook Express to fail.

Workarounds for Malformed E-mail Header Vulnerability - CAN-2004-0215:

Disable the preview pane

Disabling the preview pane will prevent the malicious e-mail message from causing Outlook Express to fail on each restart. To disable the preview pane, follow these steps:

  1. In Outlook Express, click View, and then click Layout.
  2. Click to clear the Show Preview Pane check box, and then click OK.

FAQ for Malformed E-mail Header Vulnerability - CAN-2004-0215:

What is the scope of the vulnerability?
This is a denial of service vulnerability. An attacker who exploited this vulnerability could cause Outlook Express to fail. A user would have to manually remove the e-mail message, and then restart Outlook Express to restore functionality.

What causes the vulnerability?
The method used by Outlook Express to validate malformed e-mail headers.

What is an e-mail header?
Mail servers and clients must have information that tells them how to process incoming and outgoing e-mail messages. This information is provided in header fields within the e-mail message. Examples of the type of information that is contained in e-mail header fields include the sender's e-mail address, the recipient’s e-mail addresses, the time that the e-mail was sent, and the name of the mail server that received the e-mail message.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could cause Outlook Express to fail unexpectedly.

Who could exploit the vulnerability?
Any user who could deliver a specially crafted message to the affected user’s e-mail account could attempt to exploit this vulnerability.

How could an attacker exploit the vulnerability?
An attacker could exploit the vulnerability by creating a specially crafted e-mail message, and then sending the message to an affected user's e-mail account. If the affected user opens the message, it could cause Outlook Express to fail.

I have the preview pane enabled. How can I remove the malicious e-mail message without Outlook Express failing when it starts?
You can disable the preview pane without starting Outlook Express by editing the registry. The following steps demonstrate how to disable to preview pane in Outlook Express:

Note Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.

Note We recommend backing up the registry before you edit it.

  1. Click Start, click Run, type "regedt32" (without the quotation marks), and then click OK.

  2. In Registry Editor, locate the following registry key:

    HKCU\Identities\{Identity GUID}\Software\Microsoft\OutLook Express\5.0\Mail\

  3. Click the ShowHybridView data value, click Edit, and change the DWORD value to 0.

  4. Click OK and then restart Outlook Express.

Information on how to modify the registry is available in Microsoft Knowledge Base article 256986.

What systems are primarily at risk from the vulnerability?
Systems where Outlook Express 6.0 is used to read e-mail messages, such as workstations and terminal servers, are primarily at risk from this vulnerability.

What does the update do?
The update removes the vulnerability by modifying the way that Outlook Express validates e-mail headers.

When this security bulletin was issued, had this vulnerability been publicly disclosed?
Yes. This vulnerability has been publicly disclosed. It has been assigned Common Vulnerability and Exposure number CAN-2004-0215.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?
No. Microsoft had seen examples of proof of concept code published publicly but had not received any information indicating that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued.

Does applying this security update help protect customers from the code that has been published publicly that attempts to exploit this vulnerability?
Yes. This security update addresses the vulnerability that is currently being exploited. The vulnerability that has been addressed has been assigned the Common Vulnerability and Exposure number CAN-2004-0215.

Security Update Information

Prerequisites

Microsoft has tested the versions of Windows and the versions of Outlook Express that are listed in this bulletin to assess whether they are affected by this vulnerability and to confirm that the update that this bulletin describes addresses this vulnerability.

To install the Outlook Express 6 Service Pack 1 (SP1) versions of this update, you must be running Internet Explorer 6 SP1 (version 6.00.2800.1106) on one of the following versions of Windows:

  • Microsoft Windows NT Workstation 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
  • Microsoft Windows 2000 Service Pack 2, Service Pack 3, or Service Pack 4
  • Microsoft Windows XP
  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP 64-Bit Edition Service Pack 1

To install the Outlook Express 6 for Windows Server 2003 versions of this update, you must be running Internet Explorer 6 (version 6.00.3790.0000) on Windows Server 2003 (32-bit or 64-bit), or you must be running Internet Explorer 6 (version 6.00.3790.0000) on Windows XP 64-Bit Edition Version 2003.

To install the Outlook Express 6 version of this update, you must be running Internet Explorer 6 (version 6.00.2600.0000) on a 32-bit version of Windows XP.

  • Internet Explorer 5.01 Service Pack 4 (version 5.00.3700.1000) on Windows 2000 SP4
  • Internet Explorer 5.01 Service Pack 3 (version 5.00.3502.1000) on Windows 2000 SP3
  • Internet Explorer 5.5 Service Pack 2 (version 5.50.4807.2300) Windows Millennium Edition

Versions of Windows, versions of Outlook Express, and versions of Internet Explorer that are not listed in this article are no longer supported. Although you can install some of the update packages that are described in this article on these versions of Windows and on these versions of Outlook Express, Microsoft has not tested these versions to assess whether they are affected by this vulnerability or to confirm that the update that this bulletin describes addresses this vulnerability. We recommend that you upgrade to a supported version of Windows and to a supported version of Outlook Express, and then apply the appropriate update.

For more information about how to determine the version of Internet Explorer that you are running, see Microsoft Knowledge Base Article 164539.

For more information about support lifecycles for Windows components, visit the following Microsoft Support Lifecycle Web site.

For more information about how to obtain the latest service pack for Internet Explorer 6, see Microsoft Knowledge Base Article 328548.

For more information about how to obtain the latest service pack for Internet Explorer 5.5, see Microsoft Knowledge Base Article 276369.

For more information about how to obtain the latest service pack for Internet Explorer 5.01, see Microsoft Knowledge Base Article 267954.

Restart Requirements

In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart.

The Windows Server 2003 versions of this security update (including Windows XP 64-Bit Edition Version 2003) support the following setup switches:

/help                 Displays the command line options

Setup Modes

/quiet            Quiet mode (no user interaction or display)

/passive            Unattended mode (progress bar only)

/uninstall          Uninstalls the package

Restart Options

/norestart          Do not restart when installation is complete

/forcerestart      Restart after installation

Special Options

/l                        Lists installed Windows hotfixes or update packages

/o                       Overwrite OEM files without prompting

/n                       Do not backup files needed for uninstall

/f                        Force other programs to close when the computer shuts down

Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the previous version of the setup utility uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article about the supported installation switches, see Microsoft Knowledge Base Article 262841.

Deployment Information

To install this security update on Windows Server 2003 without any user intervention, use the following command at a command prompt:

windowsserver2003-kb823353-x86-enu.exe /quiet /passive

To install this security update on Windows Server 2003 without forcing the system to restart, use the following command at a command prompt:

windowsserver2003-kb823353-x86-enu.exe /norestart

The other update packages for this security update support the following Setup switches:

/q             Use Quiet mode or suppress messages when the files are being extracted.

/q:u         Use User-Quiet mode. User-Quiet mode presents some dialog boxes to the user.

/q:a          Use Administrator-Quiet mode. Administrator-Quiet mode does not present any dialog boxes to the user.

/t: path:    Specify the location of the temporary folder that Setup uses or the target folder for extracting the files (when you also use the /c switch).

/c:             Extract the files without installing them. If you do not specify the /t: path switch, you are prompted for a target folder.

/c: path     Specify the path and the name of the Setup .inf file or the .exe file.

/r:n            Never restart the computer after the installation process has completed.

/r:i             Prompt the user to restart the computer if a restart is required, except when you use this switch together with the /q:a switch.

/r:a           Always restart the computer after the installation process has completed.

/r:s          Restart the computer after the installation process has completed without prompting the user.

/n:v         Do not verify the version. Use this switch with caution to install the update on any version of Internet Explorer.

For more information about these supported setup switches, see Microsoft Knowledge Base Article 197147.

To install the security update without any user intervention, use the following command replacing "package_name" with the filename for the package being installed:

package_name /q:a /r:n

Verifying Update Installation

To verify the files that this security update has installed, use one of the following methods:

  • Confirm that Q823353 appears in the Update Versions field in the About Internet Explorer dialog box. You cannot use this method on Windows Server 2003 or on Windows XP 64-Bit Edition Version 2003 because the package does not update the Update Versions field for these versions of Windows.
  • Compare the versions of the updated files on your computer with the files that are listed in the File Information section in this bulletin.
  • Confirm that the following registry entries exist:
    • For Windows Server 2003 and Windows XP 64-Bit Edition Version 2003, confirm that the Installed DWORD value that has a data value of 1 appears in the following registry key:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB823353

    • For all other versions of Windows, confirm that the IsInstalled DWORD value that has a data value of 1 appears in the following registry key:HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{F5173CF0-1DFB-4978-8E50-A90169EE7CA9}

Removal Information

To remove this update, use the Add or Remove Programs tool (or the Add/Remove Programs tool) in Control Panel. Click Outlook Express Q823353, and then click Change/Remove (or click Add/Remove).

On Windows Server 2003 and on Windows XP 64-Bit Edition Version 2003, system administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB823353$\Spuninst folder. This utility supports the following setup switches:

/?: Show the list of installation switches.

/u: Use unattended mode.

/f: Force other programs to quit when the computer shuts down.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

On all other versions of Windows, system administrators can use the Ieuninst.exe utility to remove this update. This security update installs the Ieuninst.exe utility in the %Windir% folder. This utility supports the following setup switches:

/?: Show the list of installation switches.

/z: Do not restart when the installation is complete.

/q: Use Quiet mode (no user interaction).

To remove this update quietly, use the following command at a command prompt:

c:\windows\ieuninst /q c:\windows\inf\q823353.inf

This command assumes that Windows is installed in the C:\Windows folder.

File Information

The English version of this security update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Because of file dependencies, this update may contain additional files.For information about the specific security update for your operating system, click the appropriate link.

Outlook Express 6 SP1 for Windows XP, Windows XP SP1, Windows 2000 SP3, Windows 2000 SP4, and Windows NT 4.0 SP6a

Date Time Version Size File name
--------------------------------------------------------------
03-Mar-2003 23:57 6.0.2800.1123 75,776 Directdb.dll
07-Jun-2004 21:19 6.0.2800.1441 596,480 Inetcomm.dll
11-Oct-2002 22:08 6.0.2800.1123 47,616 Inetres.dll
03-Mar-2003 23:57 6.0.2800.1123 44,032 Msident.dll
03-Mar-2003 23:57 6.0.2800.1123 56,832 Msimn.exe
26-May-2004 21:26 6.0.2800.1437 1,175,040 Msoe.dll
03-Mar-2003 23:57 6.0.2800.1123 228,864 Msoeacct.dll
11-Oct-2002 22:09 6.0.2800.1123 2,479,616 Msoeres.dll
03-Mar-2003 23:57 6.0.2800.1123 91,136 Msoert2.dll
03-Mar-2003 23:57 6.0.2800.1123 93,184 Oeimport.dll
03-Mar-2003 23:57 6.0.2800.1123 55,808 Oemig50.exe
03-Mar-2003 23:57 6.0.2800.1123 31,744 Oemiglib.dll
03-Mar-2003 23:57 6.0.2800.1123 42,496 Wab.exe
24-Jun-2004 21:26 6.0.2800.1450 463,360 Wab32.dll
03-Mar-2003 23:57 6.0.2800.1123 30,208 Wabfind.dll
03-Mar-2003 23:57 6.0.2800.1123 77,824 Wabimp.dll
03-Mar-2003 23:57 6.0.2800.1123 27,648 Wabmig.exe

Outlook Express 6 SP1 (64-Bit) for Windows XP 64-Bit Edition Service Pack 1

Date Time Version Size File name
--------------------------------------------------------------
03-Mar-2003 22:57 6.0.2800.1123 75,776 Directdb.dll
07-Jun-2004 20:18 6.0.2800.1441 593,408 Inetcomm.dll
11-Oct-2002 21:08 6.0.2800.1123 47,616 Inetres.dll
03-Mar-2003 22:57 6.0.2800.1123 44,032 Msident.dll
03-Mar-2003 22:57 6.0.2800.1123 56,832 Msimn.exe
02-Mar-2004 20:18 6.0.2800.1437 1,175,040 Msoe.dll
03-Mar-2003 22:57 6.0.2800.1123 228,864 Msoeacct.dll
11-Oct-2002 21:09 6.0.2800.1123 2,479,616 Msoeres.dll
03-Mar-2003 22:57 6.0.2800.1123 91,136 Msoert2.dll
03-Mar-2003 22:57 6.0.2800.1123 93,184 Oeimport.dll
03-Mar-2003 22:57 6.0.2800.1123 55,808 Oemig50.exe
03-Mar-2003 22:57 6.0.2800.1123 31,744 Oemiglib.dll
03-Mar-2003 22:57 6.0.2800.1123 42,496 Wab.exe
24-Jun-2004 20:18 6.0.2800.1450 463,360 Wab32.dll
03-Mar-2003 22:57 6.0.2800.1123 30,208 Wabfind.dll
03-Mar-2003 22:57 6.0.2800.1123 77,824 Wabimp.dll
03-Mar-2003 22:57 6.0.2800.1123 27,648 Wabmig.exe

Outlook Express 6 for Windows XP

Date Time Version Size File name
--------------------------------------------------------------
02-Jun-2004 19:00 6.0.2742.200 599,040 Inetcomm.dll
26-May-2004 21:59 6.0.2741.2600 1,175,552 Msoe.dll

Outlook Express 6 for Windows Server 2003

Date Time Version Size File name Folder
--------------------------------------------------------------------
22-Jun-2004 22:38 6.0.3790.181 608,256 Inetcomm.dll RTMGDR
22-Jun-2004 22:38 6.0.3790.181 1,202,176 Msoe.dll RTMGDR
22-Jun-2004 22:38 6.0.3790.181 474,624 Wab32.dll RTMGDR
22-Jun-2004 22:46 6.0.3790.185 608,256 Inetcomm.dll RTMQFE
22-Jun-2004 22:46 6.0.3790.181 1,202,176 Msoe.dll RTMQFE
22-Jun-2004 22:46 6.0.3790.181 474,624 Wab32.dll RTMQFE

Outlook Express 6 (64-Bit) for Windows Server 2003 64-Bit Editions and Windows XP 64-Bit Edition Version 2003

Date Time Version Size File name Platform
-----------------------------------------------------------------------
22-Jun-2004 22:40 6.0.3790.181 2,030,080 Inetcomm.dll IA64
22-Jun-2004 22:40 6.0.3790.181 4,085,760 Msoe.dll IA64
22-Jun-2004 22:40 6.0.3790.181 1,550,848 Wab32.dll IA64
22-Jun-2004 22:38 6.0.3790.181 608,256 Winetcomm.dll X86
22-Jun-2004 22:38 6.0.3790.181 1,202,176 Wmsoe.dll X86
22-Jun-2004 22:38 6.0.3790.181 474,624 Wwab32.dll X86
22-Jun-2004 22:48 6.0.3790.185 2,029,056 Inetcomm.dll IA64
22-Jun-2004 22:48 6.0.3790.181 4,085,760 Msoe.dll IA64
22-Jun-2004 22:48 6.0.3790.181 1,550,848 Wab32.dll IA64
22-Jun-2004 22:46 6.0.3790.185 608,256 Winetcomm.dll X86
22-Jun-2004 22:46 6.0.3790.181 1,202,176 Wmsoe.dll X86
22-Jun-2004 22:46 6.0.3790.181 474,624 Wwab32.dll X86

Outlook Express 5.5 SP2 on Windows 2000 SP3, Windows 2000 SP4, and Windows Millennium Edition

Date Time Version Size File name
--------------------------------------------------------------
04-Jun-2004 16:10 5.50.4942.400 575,248 Inetcomm.dll
04-Jun-2004 16:11 5.50.4942.400 1,147,152 Msoe.dll

Note When you install this security update on Windows Server 2003 or on Windows XP 64-Bit Edition Version 2003, the installer verifies whether one or more of the files that are being updated on your system have been updated previously by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE files to your system. Otherwise, the installer copies the RTMGDR files to your system. For more information, see Microsoft Knowledge Base Article 824994.

Other Information

Obtaining Other Security Updates:

Updates for other security issues are available from the following locations:

Support:

  • Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
  • International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Security Resources:

Software Update Services:

By using Microsoft Software Update Services (SUS), administrators can quickly and reliably deploy the latest critical updates and security updates to Windows 2000 and Windows Server 2003-based servers, and to desktop systems that are running Windows 2000 Professional or Windows XP Professional.

For more information about how to deploy this security update with Software Update Services, visit the Software Update Services Web site.

Systems Management Server:

Microsoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing updates. By using SMS, administrators can identify Windows-based systems that require security updates and to perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users. For more information about how administrators can use SMS 2003 to deploy security updates, see the SMS 2003 Security Patch Management Web site. SMS 2.0 users can also use Software Updates Service Feature Pack to help deploy security updates. For information about SMS, visit the SMS Web site.

Note SMS uses the Microsoft Baseline Security Analyzer and the Microsoft Office Detection Tool to provide broad support for security bulletin update detection and deployment. Some software updates may not be detected by these tools. Administrators can use the inventory capabilities of the SMS in these cases to target updates to specific systems. For more information about this procedure, see the following Web site. Some security updates require administrative rights following a restart of the system. Administrators can use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the SMS 2.0 Administration Feature Pack) to install these updates.

Disclaimer:

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions:

  • V1.0 (July 13, 2004): Bulletin published

Built at 2014-04-18T13:49:36Z-07:00