Help and Support
 

powered byLive Search

Patch Available for OCX Attachment Vulnerability

View products that this article applies to.
Article ID:274303
Last Review:January 29, 2007
Revision:6.2
This article was previously published under Q274303

SYMPTOMS

Microsoft has released a patch that eliminates a security vulnerability that could enable a malicious user to create an e-mail attachment that could cause your e-mail program to shut down. This situation occurs when you close the affected e-mail message, resulting in the following error message:
This program has performed an illegal operation and will be shut down.
If you click Details, you may receive the following error message:
OUTLOOK caused an invalid page fault in module Wmp.ocx at address
NOTE: This vulnerability does not occur unless both Windows Media Player 7 and Outlook or Outlook Express are installed on your computer. This vulnerability does not cause any lasting effects. You can resume normal operation by restarting your mail program and deleting the affected mail. Although the affected ActiveX control (OCX) is associated with Windows Media Player, it poses no threat to Windows Media Player; the vulnerability can be used only against e-mail clients.

Additional information about this issue is available from the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms00-068.asp (http://www.microsoft.com/technet/security/bulletin/fq00-068.mspx)

Back to the top

RESOLUTION

The following file is available for download from the Microsoft Download Center:
Download Wmsu28412.exe now (http://download.microsoft.com/download/winmediaplayer/update/28412/w982kme/en-us/wmsu28412.exe)
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 (http://support.microsoft.com/kb/119591/EN-US/) How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The English version of this fix should have the following file attributes or later: 
   Date       Time    Version     Size     File name
   -------------------------------------------------
   9/19/2000  09:38a  7.0.0.1956  176,400  Wmp.ocx

Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Back to the top

APPLIES TO
Microsoft Outlook Express 5.5
Microsoft Outlook Express 5.01 Service Pack 2
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.01 Service Pack 1
Microsoft Windows Media Player 7.0
Microsoft Outlook 2000 Standard Edition

Back to the top

Keywords: 
kberrmsg kbdownload kbgraphxlinkcritical kbprb KB274303

Back to the top

Article Translations

 

Related Support Centers

Other Support Options

  • Need More Help?
    Contact a Support professional by Email, Online or Phone.
  • Customer Service
    For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
  • Newsgroups
    Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.