Cumulative Patch for Outlook Express (330994) Originally posted: April 23, 2003 Summary Who should read this bulletin: Customers using Outlook Express. Impact of vulnerability: This bulletin addresses a vulnerability that could allow an attacker to run code of the attacker’s choice on a user’s machine. To exploit the vulnerability, attacker would have to be able to cause Windows to open a specially constructed MHTML URL, either on a web site or included in an HTML email message. Maximum Severity Rating: Critical Recommendation: Customers should install the patch at the earliest opportunity. Affected Software: Microsoft Outlook Express 5.5 Microsoft Outlook Express 6.0 More Information Download Patch