Microsoft Internet Explorer Self Executing HTML File Vulnerability
The Cumulative Patch for Outlook Express (330994) from Microsoft Security Bulletin MS03-014 removes the ability of MHTML to read any file format other than .MHT and .MHTML. This effectively prevents exploitation of this vulnerability since it relies on the ability of MHTML to read a prohibited file type.
Microsoft Outlook Express 5.5 SP2
Microsoft Outlook Express 6.0
Microsoft Outlook Express 6.0 SP1