Microsoft Outlook Express Patch Flawed
Users are reporting problems installing a patch for a critical flaw in Microsoft's Outlook Express.Microsoft Corp. on Friday said that a patch it released Thursday for an Outlook Express vulnerability erroneously tells users they need a different version of Internet Explorer in order to install the fix. In fact, the patch requires IE 6, but users who have installed Service Pack 1 for the browser are already protected against the new flaw. Thus when these users try to install the new patch, they receive an error message. However, the error message is misleading, in that it tells users they need to install IE 6, and not that theyre already protected. A Microsoft spokesman said the company has updated its advisory on the Outlook Express flaw to reflect the SP 1 issue. The patch, which fixes a vulnerability in the way Outlook Express 5.5 and 6 handle a specific error condition, requires that users have Internet Explorer 6 running on their machines. Yet, several users who are running the required browser version have said they are still getting an error message and cannot install the patch.
When they try to install the fix, a message saying "This update requires Internet Explorer 6.0 to be installed" appears and the installation stops.