The full story can be found here http://www.blackcode.com/news/view.php?id=324
A critical vulnerability in the e-mail reader could allow an attacker to send a specially formatted message that would crash the software and potentially take control of the recipient's computer.
"The flaw occurs in how the software handles messages that include components using secure MIME (multipurpose Internet mail extensions), a standard that allows e-mail messages to contain encrypted data and digital signatures.Talking about gaining total access.Outlook Express ships with every Windows system, or rather as part of IE, so it's on every system. But unless it is configured to receive mail, you are not at risk," said Scott Culp, manager for Microsoft security response.
Microsoft Outlook Express 5.5 and 6.0 are both affected