eWeek
Microsoft Corp. on Wednesday upped the severity of one of three security patches it issued a day earlier, warning that it discovered another attack scenario for a hole in Outlook 2002.

The Redmond, Wash., software maker increased the threat level of the Outlook security vulnerability to its highest level of four—"critical." The Outlook 2002 hole could let an attacker run malicious code on a user's machine.

Microsoft originally had labeled the vulnerability as "important" and believed that attackers could only exploit the hole if users had set the Outlook Today folder as the default view for Outlook 2002, said Mike Reavey, a Microsoft security program manager.

...