Outlook's Virus Vaccine Hurts

Both " I Love You" and last year's Melissa virus e-mailed themselves to users listed in the address books of infected PCs. To prevent viruses from broadcasting themselves to everyone you know, the update will warn you whenever another application tries to access your Outlook address book or send e-mail via Outlook.

Corporations burned by "I Love You" or Melissa will likely welcome the update, but users accustomed to the convenience of sharing files by e-mail may find it a hard pill to swallow. By default, the update blocks various file types, like Microsoft Access Projects and self-extracting zipped files. The update also prevents some features in other apps (including Microsoft Office's mail-merge and Palm synchronization software) from working at all.

So if you take your medicine, how can you share the banned file types? Microsoft recommends using servers within your company's network or using Web-based file storage locations. At press time, Microsoft reported that administrative tools would be added to allow customization of the new security measures.

Get the update for Outlook 98 or 2000 at www.officeupdate.microsoft.com. Office 2000 users must install the SR-1 or SR-1a update before installing the Outlook E-mail Security Update. So far, there's no security update for Outlook Express. Microsoft officials are deciding whether to produce one.

Office 2000 Security Fix

Meanwhile, the Microsoft Office team has been working to close another security breach: In Office 2000 and its individual apps, such as Excel and Word, a hacker could exploit an ActiveX control that automates demonstrations in the Office help files to turn your files to mush. Microsoft admits that the security hole exists because Microsoft incorrectly labeled the code as "safe for scripting." An HTML e-mail message or the host of a Web site you visited could introduce a destructive script armed with the ActiveX control into your PC. To find a link to the 149KB patch and to get instructions for installing the fix, hop to officeupdate.microsoft.com/2000/downloadDetails/Uactlsec.htm.

IE Security Triple Play

Microsoft's latest security update to Internet Explorer (versions 4 and 5) bundles fixes that repair three weak links that could let bad-guy Web site operators have their way with your system. The most dangerous of the three could permit a Web site operator to perform any action on your system that you could do, including reformatting the hard disk. The other two security breaches could allow site operators to read some types of files on your system without your permission and to access cookies they should not be able to read. For installation instructions and a link to the 1959KB download, simply point your browser to www.microsoft.com/windows/ie/download/critical/patch7.htm. Installing the patch requires having IE 4.01 Service Pack 2 or IE 5.01 in place first.

Holes Bug Eudora, Too

Microsoft isn't the only software company struggling with e-mail security. Qualcomm Inc. has issued an E-mail security advisory about a weakness in its Eudora e-mail package. Eudora 4.2 and later versions ask the user for permission to proceed before opening most types of file attachments, including programs such as .exe files. But a recently discovered vulnerability allows an .exe file introduced through a link attached to the message to run unannounced. The security advisory also warns that .vbs files--the type of attachment the "I Love You" virus rode in on--can execute without warning. Qualcomm says that the 4.3.2 version of Eudora adds alerts for all .exe and .vbs files. The advisory provides steps for solving the problem yourself for versions 4.2.1 and later. You can find the advisory by visiting www.eudora.com/security.html.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Mitt Jones

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?