The vulnerability exists because of potentially conflicting security settings in Word and Internet Explorer, Microsoft says. When displaying an HTML E-mail in Outlook, the security settings of Explorer are applied, which won't allow scripts to run. However, when forwarding or replying to such documents and Word is the E-mail editor, scripts aren't blocked, the company says.
An attacker could exploit this vulnerability by sending a malformed HTML E-mail containing a script to an Outlook user who's using Word as the E-mail editor. If the user replies to or forwards the E-mail, the script would then run, according to the security bulletin.
More information and a patch that remedies the security hole can be found on Microsoft's Web site.