A must have update for all emailers

Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

A new security threat known as the VML vulnerability has just been patched by Microsoft with a possibility of email messages taking advantage of this security gap in Windows.

This is important because there’s a possibility of email messages taking advantage of this security gap in Windows.  Just displaying a message in the preview pane could infect your computer – though it’s a possibility that has not been exploited.

The update is available from here for Windows XP and Windows 2003, including the 64bit versions.

You may already have the update courtesy of Windows Update.  If your computer rebooted itself overnight that’s probably why. To check go to Control Panel | Add Remove Software and tick the ‘Show Updates button. In the long list of Windows XP updates look for one with the label ” (KB925486) “.

Microsoft says, rightly, that the vulnerability affects Internet Explorer.  That’s strictly true but deliberately obscures the fact that many programs make use of the core IE technologies.   People might think they are safe because they don’t use Internet Explorer as their web browser, but that’s not the case.

Most importantly for Office users, Outlook and Outlook Express uses IE systems to display email messages.  Other Office programs use the VML systems in IE to display any VML graphics.

Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address