Microsoft previously released a security update for Jet and ODBC that addressed the Office ODBC Driver Vulnerability reported on July 27, 1999. The initial patch updated Jet 3.51 and associated ODBC database drivers which eliminated the vulnerability that could be exploited using an Excel 97 query to do malicious acts, such as deleting files or updating text files on a user's machine. This new update includes previous fixes, and in addition, now includes updates for Text I-ISAM, Lotus I-ISAM and Excel I-ISAM drivers. This update also includes the previously released Office Document Open Confirmation Tool that prompts Office users for confirmation when opening Office documents (Word, Excel, PowerPoint, or Access) launched from within Internet Explorer. While this newest update was designed specifically for Microsoft Office users, it may be safely used to update Microsoft Jet 3.51 [4.0] files without the presence of Office files.
Note Microsoft recommends that all Office 97 and Excel 97 users update their systems with this security update. For corporate users, we recommend that you first contact your system administrators before applying any updates or patches. For additional technical details on this update, please see the Microsoft Security Bulletin MS99-030.