Re: Ignore Patch That Messes With MSOE.DLL?

Thank you. I've lost track of the names and numbers of the patches. What I do
know is that I brought this up in April 2006
http://www.ureader.com/message/3690870.aspx and seemed to recall being told
elsewhere that it was a known problem.

In any event, a couple of new systems and installations later it's still a
problem.

"MowGreen [MVP]" wrote:

Cumulative Security Update for Outlook Express for Windows XP (KB911567)
was replaced by Microsoft Security Bulletin MS07-034 - Critical
Cumulative Security Update for Outlook Express and Windows Mail (929123)
IF you have installed KB929123 then there is no need to install KB911567
as a later Version of msoe.dll [6.0.2900.3138] is included.

MS07-034: Cumulative security update for Outlook Express and for Windows
Mail: http://support.microsoft.com/kb/929123

Under the 'Known issues with this security update' section there is no
mention of the issue you describe.

The other update, KB936181, has no relevance to OE.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============


John Ciccone wrote:

One of the more current security patches places a newer version of MSOE.DLL
in the Outlook Express directory. This kills some very important Word macros
that output to email (creates an incoming rather than outgoing email).

I was advised Feb-2006 that MS was aware of this problem.

Am I risking security by avoiding this patch? If so, any suggestions on how
to deal with this?

I think the patch in question is:

Cumulative Security Update for Outlook Express for Windows XP (KB911567)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to
remotely compromise your Windows-based system using Outlook Express and gain
control over it. You can help protect your computer by installing this update
from Microsoft.

- or -

Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Microsoft XML Core Services (MSXML)
that could allow an attacker to compromise your Windows-based system and gain
control over it. You can help protect your computer by installing this update
from Microsoft.

.

Relevant Pages

  • Re: Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)
    ... the vulnerability discussed in this bulletin is not ... > offered for Windows 98 as well, unlike the updates from MS04-024, ... Fixes a behavior that was introduced in MS03-014 where Outlook Express ... >> Asked Questions related to this security update section of this bulletin. ...
    (microsoft.public.win2000.general)
  • Re: Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353)
    ... the vulnerability discussed in this bulletin is not ... > offered for Windows 98 as well, unlike the updates from MS04-024, ... Fixes a behavior that was introduced in MS03-014 where Outlook Express ... >> Asked Questions related to this security update section of this bulletin. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • RE: OT - 5 New Critical Updates for WinXPSP1 from WIndows Update
    ... Can anybody help me regarding Outlook express? ... Customers should consider applying the security update. ... Microsoft Windows XP and Microsoft Windows XP Service Pack 1 ... > Severity Ratings and Vulnerability Identifiers: ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress.stationery)
  • Re: windows update
    ... Security Update for Windows XP ... Cumulative Security Update for Outlook Express for Windows XP ... Security Update for Windows Media Player Plug-in ...
    (microsoft.public.windowsupdate)
  • Re: Some updates were not installed
    ... by using Automatic Updates after you repair a Windows XP installation ... Security Update for Windows XP ... Security Update for Outlook Express for Windows XP ...
    (microsoft.public.windowsupdate)