Patch Available for "The Office HTML Script" Vulnerability and a
Workaround for "The IE Script" Vulnerability

Originally Posted: July 13, 2000

Summary
=======
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Office 2000 (Excel and PowerPoint) and
in PowerPoint 97. Microsoft has also documented a workaround that
prevents the use of Microsoft Access to exploit a vulnerability in
Internet Explorer. A patch for the latter vulnerability will be
available soon and we will have an update to this bulletin.

Frequently asked questions regarding this vulnerability and the patch
can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-049.asp

Affected Software Versions
==========================
Microsoft Excel 2000
Microsoft PowerPoint 97 and 2000
Microsoft Internet Explorer 5.5, 5.01 SP1, 5.01, 4.01 SP2

Patch Availability
==================
Microsoft Excel 2000 and PowerPoint 2000:
http://officeupdate.microsoft.com/2000/downloaddetails/Addinsec.htm
Microsoft PowerPoint 97:
http://officeupdate.microsoft.com/downloaddetails/PPt97sec.htm