Vulnerable versions of Outlook

Eric Sites here did some quick and dirty testing to see what versions of Outlook are vulnerable to the VML exploit. Here’s our current list:

Outlook 2007 12.0.417.1006 – can view VML but apparently not vulnerable

Outlook 2002 - not vulnerable

Outlook 2000 - not vulnerable

Outlook 2003 11.5608.8028 – not vulnerable

Outlook 2003 11.5608.5606 – not vulnerable

Outlook 2003 11.6568.6568 SP2 – not tested

Outlook 2003 11.8010.8036 SP2 – vulnerable

So, ironically, the most patched version of Outlook 2003 is the one most likely to be at risk.

A mitigation is turning off the Preview Pane and reading all your email in plain text. Or, simply disable VML — easy and quite effective. We’ve done it company-wide ourselves.