Patch Available for OCX Attachment Vulnerability

Article translations Article translations
Article ID: 274303 - View products that this article applies to.
This article was previously published under Q274303
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SYMPTOMS

Microsoft has released a patch that eliminates a security vulnerability that could enable a malicious user to create an e-mail attachment that could cause your e-mail program to shut down. This situation occurs when you close the affected e-mail message, resulting in the following error message:
This program has performed an illegal operation and will be shut down.
If you click Details, you may receive the following error message:
OUTLOOK caused an invalid page fault in module Wmp.ocx at address
NOTE: This vulnerability does not occur unless both Windows Media Player 7 and Outlook or Outlook Express are installed on your computer. This vulnerability does not cause any lasting effects. You can resume normal operation by restarting your mail program and deleting the affected mail. Although the affected ActiveX control (OCX) is associated with Windows Media Player, it poses no threat to Windows Media Player; the vulnerability can be used only against e-mail clients.

Additional information about this issue is available from the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms00-068.asp

RESOLUTION

The following file is available for download from the Microsoft Download Center:
Collapse this imageExpand this image
DOWNLOAD
Download Wmsu28412.exe now
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The English version of this fix should have the following file attributes or later:
   Date       Time    Version     Size     File name
   -------------------------------------------------
   9/19/2000  09:38a  7.0.0.1956  176,400  Wmp.ocx
				

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Properties

Article ID: 274303 - Last Review: February 28, 2014 - Revision: 6.2
APPLIES TO
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.01 Service Pack 2
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.0
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.01 Service Pack 2
  • Microsoft Outlook Express 5.0
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.01 Service Pack 1
  • Microsoft Outlook Express 5.0
  • Microsoft Outlook Express 5.01 Service Pack 2
  • Microsoft Windows Media Player 7.0
  • Microsoft Outlook 2000 Standard Edition
Keywords: 
kbnosurvey kbarchive kberrmsg kbdownload kbgraphxlinkcritical kbprb KB274303

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com