Home / Microsoft tightens security on XP's Outlook 2002

Microsoft tightens security on XP's Outlook 2002

As part of its Office XP launch, Microsoft has tightened security in its near-ubiquitous E-mail software, Outlook, whose latest incarnation is included with XP.

As part of its Office XP launch, Microsoft has tightened security in its near-ubiquitous E-mail software, Outlook. Outlook 2002, part of Office XP, will also be bundled with the Service Pack 1 release of Microsoft’s Exchange 2000 server, expected this summer. It’s been a bad year for Outlook users. Starting with last year’s Love Bug Visual Basic script worm, Outlook has been relentlessly targeted by copycat infections, including the recent Homepage worm.

Microsoft says it’s been working diligently to secure the besieged program. Mark Croft, Windows XP lead product manager, says one of the most important new features is the software’s ability to keep programs from automatically running from within E-mail messages or attachments. That should plug one of the most common ways virus writers spread malicious software.

"The fact that Microsoft is trying to make Outlook more secure can only be a good thing," said Forrester Research analyst Frank Prince. "But administrators will have to make difficult choices between security and functionality."

"This means every 'good' executable will have to be inspected and digitally signed by IT— a huge workload," said Gartner analyst John Pescatore. "Or IT will have to create a list of sources of trusted executable, which isn't easy."

Pescatore sees two problems with this approach. Any software from a company deemed trustworthy would be accepted without question. And large companies could have proportionately large lists of "approved" companies. The more "approved" companies, the lower the security.

If companies find those approaches too onerous, then XP defaults to asking recipients if they want the application they selected to "talk" to Outlook. "This is a great way to just train users to always hit the 'yes' button. Not a good security practice," said Pescatore.

Overall, analysts say Microsoft is moving in the right direction. According to Pescatore, "On a scale of one to 10, the security provided by Windows 95/2000 against viruses is a zero. The XP features are about a six--dramatic improvement but not good enough to mean antiviral software isn't required at the desktop."

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.