It has been reported that a malicious user can deliver and execute hostile code on a victim's system when the user views the affected message, depending on the security zone settings for Outlook Express 6.0.

A specially designed HTML-based e-mail or newsgroup posting may cause hostile code to be covertly installed on a victims' system when the infected message is viewed.

Related Microsoft patches with regard to article MS02-015 have not affected this vunerability.

There is no solution from Microsoft at this time.

Reported by: Malware.com