>>Outlook and Outlook Express use IE to display HTML mails, which make some of the IE bugs exploitable (I don't know if it's the case for this one). In general this isn't true for any remotely recent copy of either program. Both run HTML mail in the restricted zone which disabled all script, ActiveX and anything else dangerous