Microsoft warns of newly discovered security threats.

10 March 2004

Microsoft has now upgraded the severity rating of the vulnerability reported on 9 March 2004 in Microsoft Security Bulletin MS04-009 [summary]. This vulnerability affects Microsoft Office XP and Microsoft Outlook 2002 and, given certain conditions, could allow for remote code execution on unpatched computers. This vulnerability appears to be more serious than first believed and has now been rated as being of critical severity by Microsoft.

A patch against this vulnerability is provided in Microsoft Office XP Service Pack 3. To update your Microsoft Office XP package, go to the Microsoft Office Update web site and click on "Check for Updates". A patch specifically for the vulnerability can also be downloaded from the bulletin (MS04-009).

In addition, Microsoft has released Security Bulletin MS04-010 [summary] and Security Bulletin MS04-008 [summary]. The former bulletin reports a minor vulnerability in Microsoft MSN Messenger 6.0 and 6.1 while the latter warns of a vulnerability that affects only Microsoft Windows 2000 Server. The latter bulletin is therefore primarily of interest to system administrators.

For detailed information on these vulnerabilities and downloads see the following Knowledge Base Articles:

Important:
We recommend that users patch their systems by downloading and installing critical Microsoft updates as soon as possible.

Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they have not done so already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.
Commtouch® is a leading developer of anti virus software and anti spam filtering services. Commtouch's anti virus computer software, F-PROT Antivirus, is available for a number of operating systems such as Windows, Linux, BSD, Solaris, and AIX as well as the Microsoft Exchange groupware.

1993-2013 © CYREN