-----BEGIN PGP SIGNED MESSAGE-----

Dear SSCs and other sysops,

On Tue, 28 July the CERT-NL Security Advisory S-98-49 "Microsoft Outlook
Express/98 Overrun Vulnerability" pointed at the Microsoft patches available to
overcome this vulnerability. Today a message has been posted that the provided
patch for Microsoft Outlook Express does not solve all problems:

"Microsoft has warned that a patch posted yesterday intended to fix a
security hole in its Outlook Express email program does not fix a related
problem.
The company said users can download the current patch, intended to fix a
potential security hole, and that a new patch will be available shortly.
The company did not provide any additional details on the related problem.
Company executives were not immediately available for comment."

This only concerns the Outlook Express patch, not the Outlook 98 patch.

More news about this can be found at
http://www.news.com/News/Item/0,4,24721,00.html?st.ne.ni.lh

This mail is to warn those that already downloaded the patch and applied it. You
have to go back again in about a week to get the latest patches to solve all
problems.

Sincerely,

Egon Verharen
CERT-NL

-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5

iQCVAwUBNb9/KlpSTqmIRWKVAQGUtwP+PZ8socuBM50RX7s3D6kkewZdMRYsQzl9
JNt9yaD96T2AixUzFPnY3T2DWilkf9RnrC80ucHI1LXKNQqPCRhJk90HteyYwXFF
OXqE3TmxOD04+2Uf/DMi+9A1sObkgt6hvvbV2lyRRma7nYc0f3Pq+rbSbVVMqXuM
5sPpjK65j+g=
=tN2g
-----END PGP SIGNATURE-----