=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2004/VULN310
_____________________________________________________________________

DATE                      : 21/07/2004

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows.

======================================================================

MS04-018

Title:  Cumulative Security Update for Outlook Express (823353)

Affected Software:
  - Microsoft Windows NT Workstation 4.0 Service Pack 6a
  - Microsoft Windows NT Server 4.0 Service Pack 6a
  - Microsoft Windows NT Server 4.0 Terminal Server Edition Service
Pack 6
  - Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
Service Pack 3, Microsoft Windows 2000 Service Pack 4
  - Microsoft Windows XP and Microsoft Windows XP Service Pack 1
  - Microsoft Windows XP 64-Bit Edition Service Pack 1
  - Microsoft Windows XP 64-Bit Edition Version 2003
  - Microsoft Windows Server 2003
  - Microsoft Windows Server 2003 64-Bit Edition
  - Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (Me) - Review the FAQ
section of this bulletin for details about these operating systems.

Affected Components:
  - Microsoft Outlook Express 5.5 Service Pack 2
  - Microsoft Outlook Express 6
  - Microsoft Outlook Express 6 Service Pack 1
  - Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition)
  - Microsoft Outlook Express 6 on Windows Server 2003
  - Microsoft Outlook Express 6 on Windows Server 2003 (64 bit
edition)

Impact of Vulnerability:  Denial of Service

Maximum Severity Rating:  Moderate

Restart required:  In some cases, this update does not require a
restart. The installer stops the required services, applies the
update, and then restarts the services. However, if the required
services cannot be stopped for any reason or if required files are in
use, this update will require a restart. If this occurs, a message
appears that advises you to restart.

Update can be uninstalled: Yes

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx
**********************************************************************

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
	=========================================================
	+ CERT-RENATER		| tel : 01-53-94-20-44		+
	+ 151 bd de l'Hopital	| fax : 01-53-94-20-41		+
	+ 75013 Paris		| email: certsvp@renater.fr	+
	=========================================================