Status of Excel97 ODBC Security Vulnerability

[secure () MICROSOFT COM (Microsoft Product Security Response Team)]

Hi All -
I'd like to provide a quick update on the Excel 97 ODBC vulnerability issue.
We are continuing to thoroughly test the solution to ensure it is rock solid
and ready for our customers. The solution will eliminate the vulnerability
in Jet v.3.51 and will be posted on both http://officeupdate.microsoft.com/.
This patch will not require an upgrade to Jet v.4. Our developers and
testers are on track to complete work on the patch and make it available the
week of August 16th. When the patch is available, we will provide a Security
Bulletin and other information that will discuss the steps that customers
should take.  In the meantime, we'll provide updated information at
http://www.microsoft.com/security.
Also, we have just released a new tool called the Office Document Open
Confirmation Tool. By installing it, Office users are prompted for
confirmation when opening any Office document (Word, Excel, PowerPoint or
Access) launched from within Internet Explorer. The tool can be run via a
GUI or from a command line. It is not the solution to the ODBC vulnerability
issue, but can help customers protect themselves by issuing a security
warning, allowing them to choose not to open the document. It's available at
http://www.microsoft.com/security/Issues/OfficeDocOpenTool.asp.
Regards,
Secure () microsoft com