Reading back through the more recent posts I also see that many are focused on Internet Explorer 7 as the 'problem' here.

While it's true that a change in the design of security zones within IE 7 has helped contribute to the issue, the real problem lies in the dependancy of Outlook 2003 on IE 7 for HTML rendering. In attempting to protect Outlook from future exploits of HTML within email messages, this made Outlook dependant upon portions of the Internet Explorer [6 or 7] security zones and susceptible to future changes in their handling.

So the fault here lies with the Office 2003 development group who made these short sighted decisions in an attempt to buffer themselves from potential future HTML rendering exploits. Apparently they realized this flaw while developing Office 2007 and chose to remove this dependancy by using Word [2007] for HTML rendering, placing the responsibility and control for security and other concerns back in their own hands.

Other components of the operating system have often been blamed for the faults of Office/Outlook in the past, including problems with oversided PST files and other co-dependant security issues. This was really the result of too many cross dependancies between portions of Office and other parts of the OS, including Internet Explorer. I'm glad to see that with Office 2007 they seem to have taken the direction of removing these dependancies.

Bitman