Alert Number: 101107-01
Alert Date:  10/11/07
Alert Title:  Microsoft re-releases security bulletin MS07-056
Update-to:  100907-01 "Microsoft security bulletin release for October"
OS/Platform/Application:
Microsoft Outlook Express 6 and 5.5 (on all applicable Operating Systems)
Microsoft Mail in Windows Vista (all versions)
Category: UPDATE
Severity:  HIGH

Attention:  Windows system Administrators, Desktop Support Personnel, Microsoft Outlook Express and Mail users

Summary:  On October 10 2007 Microsoft re-released Security Bulletin MS07-056.  MS07-056 was originally released on October 9 2007 as a component of the monthly cycle of security bulletins and pertains to a vulnerability in Outlook Express and Windows mail that could result in remote code execution after a vulnerable system visits a malicious website.  This vulnerability was rated as "critical" by Microsoft.

According to the vendor, the October 10 re-release was "revised to include Windows XP Professional x64 Edition in the "Affected Software" section; Known Issues set to none; Corrected missing file information to the bulletin text for Outlook Express 6.0 Service Pack 1 on Windows 2000 Service pack 4 and Outlook Express 5.5 Service Pack 2 on Windows 2000 Service pack 4."

Recommended Actions:  Windows System Administrators/users are encouraged to read the re-released security bulletin and (if appropriate) install the updated bulletin as soon as possible.

ITS Actions:  ITS Systems Management and Operations Staff will apply all necessary patches to the appropriate ITS servers as part of the next scheduled system update.

Resources:

Microsoft Security Bulletin MS07-056 (includes updated material):
http://www.microsoft.com/technet/security/bulletin/ms07-056.mspx