Microsoft security bulletin MS02-044 addresses three issues in Office Web Components (OWC), which are included in the following products: BackOffice 2000, BizTalk 2000 & 2002, Commerce Server 2000 & 2002, Internet Security & Acceleration Server 2000, Money 2002 & 2003, Office 2000, Office XP, Project 2002, Project Server 2002, and Small Business Server 2002. The OWC's ActiveX controls have several vulnerabilities which an attacker could use to run arbitrary commands, access the clipboard, or read any file on a victim's system. An exploit could be embedded in a maliciously crafted web site or HTML e-mail, although users who have set their Outlook and IE security settings to view e-mails and untrusted sites in the Restricted Sites zone would be safe. Microsoft has marked all of these vulnerabilities as 'Critical' so be sure to download the patch immediately: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-044.asp