Microsoft has released a patch for what it calls a 'critical security hole' in Outlook Express.
The hole could allow hackers to take remote control of a computer, and exists in releases 5.5 and 6.0 of the pared-down version of Outlook. Microsoft Outlook itself is not affected.
Microsoft said on its website that an attacker could send a specially formatted message that would crash the software and potentially take control of the recipient's machine.
The flaw occurs in how the software handles messages that include components using secure Multipurpose Internet Mail Extensions, a standard that allows emails to contain encrypted data and digital signatures.
An advisory released on Thursday includes links to a patch for Outlook Express 5.5 users and Outlook Express 6 Gold users.
Those who have already downloaded and installed the Internet Explorer 6 service pack or the Windows XP service pack announced on 9 September already have the patch, according to Microsoft.
The company updated the advisory to explain an error message which appears if users attempt to install the new patch but already have Internet Explorer 6 service pack 1 installed.
Microsoft stated that the message which read: 'This update requires Internet Explorer 6.0 to be installed' is incorrect and should say that the patch is not needed.
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse
Alexa for Hospitality will link with existing systems so guests can order room service and control the air con
Massive volcanic eruptions could have warmed Mars' surface sufficiently for oceans to form
Examination of fruit flies' brains generated more than one billion data points for scientists to analyse