Article ID: 274303 - Last Review: January 29, 2007 - Revision: 6.2

Patch Available for OCX Attachment Vulnerability

View products that this article applies to.
This article was previously published under Q274303
Expand all | Collapse all

SYMPTOMS

Microsoft has released a patch that eliminates a security vulnerability that could enable a malicious user to create an e-mail attachment that could cause your e-mail program to shut down. This situation occurs when you close the affected e-mail message, resulting in the following error message:
This program has performed an illegal operation and will be shut down.
If you click Details, you may receive the following error message:
OUTLOOK caused an invalid page fault in module Wmp.ocx at address
NOTE: This vulnerability does not occur unless both Windows Media Player 7 and Outlook or Outlook Express are installed on your computer. This vulnerability does not cause any lasting effects. You can resume normal operation by restarting your mail program and deleting the affected mail. Although the affected ActiveX control (OCX) is associated with Windows Media Player, it poses no threat to Windows Media Player; the vulnerability can be used only against e-mail clients.

Additional information about this issue is available from the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms00-068.asp (http://www.microsoft.com/technet/security/bulletin/fq00-068.mspx)
Back to the top

RESOLUTION

The following file is available for download from the Microsoft Download Center:
Collapse this imageExpand this image
Download Wmsu28412.exe now (http://download.microsoft.com/download/winmediaplayer/update/28412/w982kme/en-us/wmsu28412.exe)
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/EN-US/ ) How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The English version of this fix should have the following file attributes or later: 
   Date       Time    Version     Size     File name
   -------------------------------------------------
   9/19/2000  09:38a  7.0.0.1956  176,400  Wmp.ocx
Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
Back to the top
APPLIES TO
  • Microsoft Outlook Express 5.5
  • Microsoft Outlook Express 5.01 Service Pack 2
  • Microsoft Outlook Express 5.0
  • Microsoft Outlook Express 5.01 Service Pack 1
  • Microsoft Windows Media Player 7.0
  • Microsoft Outlook 2000 Standard Edition
Back to the top
Keywords: 
kberrmsg kbdownload kbgraphxlinkcritical kbprb KB274303
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations

 

Related Support Centers