MS09-010: Description of the security update for Office 2000: April 14, 2009

Microsoft has released security bulletin MS09-010. To view the complete security bulletin, visit one of the following Microsoft Web sites:

• Home users:
  http://www.microsoft.com/protect/computer/updates/bulletins/200904.mspx (http://www.microsoft.com/protect/computer/updates/bulletins/200904.mspx)
  Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:
  http://update.microsoft.com/microsoftupdate/ (http://update.microsoft.com/microsoftupdate/)
• IT professionals:
  http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx (http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx)

How to obtain help and support for this security update

For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site: North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the following Microsoft Web site: For enterprise customers, support for security updates is available through your usual support contacts.

More information about this security update

Known issue with this security update

The Html32.cnv, Mswrd832.cnv, and Msconv97.dll files are installed from any one of the following sources:

• Windows NT 4.0
• Windows 2000
• Windows Server 2003
• Windows XP
• Microsoft FrontPage 2000 (Html32.cnv only)
• A version of Microsoft Office 2000 that includes Microsoft FrontPage 2000 (Html32.cnv only)

After you install this security update, the Html32.cnv, Mswrd832.cnv, and Msconv97.dll files may not be updated.

If Office is not installed, the Office update will not install on the computer if Office is not present. WordPad or Office will not use these converter files, although they remain present on the system. By default, if Office is installed, the Mswrd832.cnv and Msconv97.dll files are installed only on first use by Office. The files in the TextConv location may not be the Office versions of the files but the operating system versions.

After you install this security update, the Mswrd832.cnv and Msconv97dll files may not be updated. However, the update will install the updated files in the Windows Installer caching mechanism. After you install the Word 97 for Windows or Word 98 Macintosh component, or the first time that you open a Word file, the updated converter is installed to the TextConv location. This is by design.

HTML32.cnv: This file may not update if you are running a version of Office 2000 that does not include FrontPage.

Am I still vulnerable after I apply this update?
No, WordPad uses the WPC files in the TextConv location to open files. When Office requests a relevant file to be loaded, the latest copy will be installed from the Windows Installer caching mechanism that was updated by the security update.

Prerequisites to install this security update

You must have Microsoft Office 2000 Service Pack 3 (SP3) installed to apply this security update.

For more information about how to obtain this service pack, click the following article number to view the article in the Microsoft Knowledge Base:

Removal information

After you install this security update, you cannot remove the update. To revert to an earlier installation of Office 2000, remove Office 2000. Then, reinstall Office 2000 from the original CD.

English

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.