Microsoft KB Archive/892843

= Description of the security update for Outlook 2003: January 10, 2006 =

Article ID: 892843

Article Last Modified on 9/21/2007

-

APPLIES TO


 * Microsoft Office Outlook 2003
 * Microsoft Office 2003 Multilingual User Interface Pack
 * Microsoft Office 2003 Language Interface Pack

-





Microsoft has released security bulletin MS06-003. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web sites:  Home users:

http://www.microsoft.com/athome/security/update/bulletins/200601.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/MS06-003.mspx



This security update was first included in Office 2003 Service Pack 3. For more information about the latest service pack for Office 2003, click the following article number to view the article in the Microsoft Knowledge Base:

870924 How to obtain the latest service pack for Office 2003



Security Update for Office 2003 MultiLanguage Pack (KB892843)
A security vulnerability exists in Microsoft Office Outlook 2003 that could allow arbitrary code to run when you open a maliciously modified e-mail message. This update resolves that vulnerability when Outlook 2003 is used with a MultiLanguage Pack. To download the Security Update for Office 2003 MultiLanguage Pack (KB892843), visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D69554AD-196F-4789-91E5-B2A753EED854

Security Update for Office 2003 English User Interface Pack (KB892843)
A security vulnerability exists in Outlook 2003 that could allow arbitrary code to run when you open a maliciously modified e-mail message. This update resolves that vulnerability when Outlook 2003 is used with an English User Interface Pack. To download the Security Update for Office 2003 English User Interface Pack (KB892843), visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D69554AD-196F-4789-91E5-B2A753EED854

Security Update for Office 2003 Language Interface Pack (KB892843)
A security vulnerability exists in Outlook 2003 that could allow arbitrary code to run when you open a maliciously modified e-mail message. This update resolves that vulnerability when Outlook 2003 is used with a Language Interface Pack. To download the Security Update for Office 2003 Language Interface Pack (KB892843), visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyId=1D156043-B041-4305-8442-3C4E3B832788&displaylang=en

List of issues that the security update fixes
The Outlook 2003 security update fixes the issues that are described in the following Microsoft Knowledge Base articles:

892560 Organizer is missing when an attendee accepts an updated meeting request by using CDO 1.21

899018 When you try to retrieve appointments in a CDO-based program that is running on an Exchange Server 2003 server, the CDO-based program may stop responding

The Outlook 2003 security update fixes the following issue that was not previously documented in the Microsoft Knowledge Base:
 * You cannot obtain the entryID of a mailbox store by using Collaboration Data Objects (CDO) when the length of the entryID is 255 bytes

If you try to use Collaboration Data Objects (CDO) to obtain the entryID of a mailbox store when the length of the entry ID is 255 bytes, you cannot obtain the entryID. If you try the second time, the Outlook client may quit.

Known issues during installation of the security update
 Security update for Office 2003 Language Interface Pack

Microsoft Office 2003 Service Pack 1 for Language Interface Pack is recommended only for the Catalan (CAT), Norwegian (Nynorsk) (NON), and Serbian (Cyrillic) (SRB) language versions. All other language versions are at the original version level of Office 2003 Service Pack 1 for Language Interface Pack. You cannot remove the update

You may not have the option to remove the update from the Add or Remove Programs tool in Control Panel. There are several possible causes for this issue. For more information about the possible causes for this issue, click the following article number to view the article in the Microsoft Knowledge Base:

903771 Information about the ability to uninstall Office updates

 You may be prompted to restart the computer if you are running Microsoft Office Communicator

If you are running Microsoft Office Communicator, you may be prompted to restart the computer after the installation of the security update. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

905726 You are unexpectedly prompted to restart the computer after you install an Office service pack or an Office update

</ul>

Removal information
To remove this update, use the Add or Remove Programs tool in Control Panel. For more information about how to remove Office updates, click the following article number to view the article in the Microsoft Knowledge Base:

903771 Information about the ability to uninstall Office updates

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted OL2003 MUI ELP OFF2003 LIP

Keywords: kbbug kbfix kbqfe kbupdate atdownload kboffice2003presp3fix kboffice2003sp3fix KB892843

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.