Outlook's Virus Vaccine Hurts

Both " I Love You" and last year's Melissa virus e-mailed themselves to users listed in the address books of infected PCs. To prevent viruses from broadcasting themselves to everyone you know, the update will warn you whenever another application tries to access your Outlook address book or send e-mail via Outlook.

Corporations burned by "I Love You" or Melissa will likely welcome the update, but users accustomed to the convenience of sharing files by e-mail may find it a hard pill to swallow. By default, the update blocks various file types, like Microsoft Access Projects and self-extracting zipped files. The update also prevents some features in other apps (including Microsoft Office's mail-merge and Palm synchronization software) from working at all.

So if you take your medicine, how can you share the banned file types? Microsoft recommends using servers within your company's network or using Web-based file storage locations. At press time, Microsoft reported that administrative tools would be added to allow customization of the new security measures.

Get the update for Outlook 98 or 2000 at www.officeupdate.microsoft.com. Office 2000 users must install the SR-1 or SR-1a update before installing the Outlook E-mail Security Update. So far, there's no security update for Outlook Express. Microsoft officials are deciding whether to produce one.

Office 2000 Security Fix

Meanwhile, the Microsoft Office team has been working to close another security breach: In Office 2000 and its individual apps, such as Excel and Word, a hacker could exploit an ActiveX control that automates demonstrations in the Office help files to turn your files to mush. Microsoft admits that the security hole exists because Microsoft incorrectly labeled the code as "safe for scripting." An HTML e-mail message or the host of a Web site you visited could introduce a destructive script armed with the ActiveX control into your PC. To find a link to the 149KB patch and to get instructions for installing the fix, hop to officeupdate.microsoft.com/2000/downloadDetails/Uactlsec.htm.

IE Security Triple Play

Microsoft's latest security update to Internet Explorer (versions 4 and 5) bundles fixes that repair three weak links that could let bad-guy Web site operators have their way with your system. The most dangerous of the three could permit a Web site operator to perform any action on your system that you could do, including reformatting the hard disk. The other two security breaches could allow site operators to read some types of files on your system without your permission and to access cookies they should not be able to read. For installation instructions and a link to the 1959KB download, simply point your browser to www.microsoft.com/windows/ie/download/critical/patch7.htm. Installing the patch requires having IE 4.01 Service Pack 2 or IE 5.01 in place first.

Holes Bug Eudora, Too

Microsoft isn't the only software company struggling with e-mail security. Qualcomm Inc. has issued an E-mail security advisory about a weakness in its Eudora e-mail package. Eudora 4.2 and later versions ask the user for permission to proceed before opening most types of file attachments, including programs such as .exe files. But a recently discovered vulnerability allows an .exe file introduced through a link attached to the message to run unannounced. The security advisory also warns that .vbs files--the type of attachment the "I Love You" virus rode in on--can execute without warning. Qualcomm says that the 4.3.2 version of Eudora adds alerts for all .exe and .vbs files. The advisory provides steps for solving the problem yourself for versions 4.2.1 and later. You can find the advisory by visiting www.eudora.com/security.html.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Mitt Jones

PC World
Show Comments



Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?