A security update has been released for both Outlook 2007 and Outlook 2010 to address a vulnerability which could allow remote code execution if a user opens or previews a specially crafted email message.
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
The security update addresses the vulnerability by correcting the way that Microsoft Outlook 2007 and Outlook 2010 parse specially crafted S/MIME email messages.
View: More details and download information for KB2825999 (Outlook 2007)
View: More details and download information for KB2794707 (Outlook 2010)
View: Microsoft Security Bulletin MS13-068 – Critical