Heckman Consulting Newsletters
No.33 Winter 2007
Do You Really Want to Upgrade?
No.31 Spring 2006
Implementing Document Management
Blog from Heckman Computer Consulting
DMS Issues from Heckman Computer Consulting
Cheatsheets from Heckman Computer Consulting
Seminars from Heckman Computer Consulting
Law Office Computing Articles
Business Automation Checklist
Services Provided: Technology Consulting, Software Support, Planning Support
Supported Software Products: Amicus Attorney, CaseMap and TimeMap, ContactEase, WordPerfect, GroupWise, HotDocs, PC Law, Summation, Time Matters, Worldox
Email Policies
Backup Issues
Virus Issues & Alerts
Useful Links from Heckman Consulting
About Us - Heckmanco.com
Clients of Heckman Computer Consulting



 

Protecting against Viruses with Outlook

Click here for PDF version

Using Microsoft Outlook is an open invitation to virus writers. The same tools that Microsoft has put in place to allow for increased automation and flexibility are those used by virus writers to spread e-mail viruses and worms (such as I Love You and the Anna Kournikova worms). Since Microsoft considers its susceptibility to viruses a "feature" it is unlikely to make any structural changes that would remedy the situation. The Microsoft "Security Patch" does stop some of these viruses, but it also prevents Outlook from functioning properly with third party programs such as case management or Palm Pilot synchronization. The best source of information on these matters is Woody Leondard's "Woody's Office Watch" (at www.woodyswatch.com).

The two main lines of defense, as always, are training and proper virus protection.

  • Train users never to open an attachment unless they know it is coming, even if it is from someone they know. Many viruses spread by sending themselves to the first 50 or so addresses in the infected party's address book. Therefore you can get a virus "from" someone you know that is being sent without their knowledge. Always save the file and view it with a viewer before opening it. Some newer viruses can execute when a file is viewed in the Outlook viewer pane, so that is no longer adequate protection. As a general practice, you should keep the viewer pane closed at all times.
  • Keep your anti-virus software updated. You should update your software at least once a month and once a week if you have a software that will do updates automatically.

There are four additional steps you can take that will substantially cut down on viruses.

  • Always turn on extensions and show all files (*.exe, etc.). Some viruses use double extensions, such as anna.jpg.vbs. Unless you turn on extensions, that file would appear to be a simple graphics file: Anna.jpg. (The *.vbs file indicates that it is a Visual Basic file which is the language many viruses are written in.)
  • Change the *.vbs file association to Notepad, so that any vbs script files will open in notepad and not execute. To do this, right-click on "My Computer" and select "Explore." Select View | Folder Options. Click on the "File Types" tab and scroll down to the "VB Script" options. Change them so that the association is Notepad.exe, not wscript.exe.
  • Rename the two files that are generally used by viruses to execute. These are: c:\windows\wscript.exe and c:\windows\command\cscript.exe.  Note: it is possible (but not too likely) that this may disable some other functionality. After you do this, keep an eye on your system for a week or so to see if you suddenly get strange error messages related to VB Script.

Taken together, these steps will seriously reduce your exposure to viruses when using Outlook.

Follow Suggestions in Woody's Office Watch

People whose clients are using Outlook and other MS products would do well to follow Woody's Office Watch (at www.woodyswatch.com). For information concerning the recent disastrous Outlook "security" patch - which disables integration with Time Matters and many other 3rd party products see in particular the WOW Newsletters 5.24 through 5.26. I find this weekly newsletter indispensable. They have a much superior patch for Outlook which a) lets you choose what functions you want to patch and b) let's you undo the patch if you change your mind. The MS patch does neither and if you change your mind the only solution is to uninstall Outlook and re-install it. Here is an extensive quote from the newsletter:

"Microsoft should make an announcement that in response to complaints it has received (and believe me, the affected ISVs and most MVP who have actually seen the patch are yelling about it), it has decided to postpone release of the patch until it can get it right. It should then focus on a patch that only does 1 and 2 and adds the dialog boxes to 2 to make it easy to customize. If it can find a way to place the address book off limits without being intrusive, it could be added AS AN OPTION.

"But if Microsoft persists and releases this awful, terrible, dysfunctional, dreadful, appalling, atrocious, horrendous, inexcusable patch, you should not use it yourself and you should tell all your friends not to consider the patch. I'll bet almost no one at Microsoft uses it! " In particular, warn any IT types that you know to exercise especial care since the only way to undo this patch is to uninstall and reinstall Office! As to how you can defend yourself without the patch, in the next WOW, I'll provide some work-arounds including a Registry file to accomplish what 1 of the security patch does. For now, you can consult http://www.slipstick.com/outlook/antivirus.htm."


Blog: Does It Compute? | Contact UsUseful Links | About Heckman Consulting
Partial Client List | What's New ? | Software Supported | Service | Home

 
2001- Heckman Consulting, Jersey City, New Jersey.  Law Firm Consulting & Support
Web Site by Consultwebs.com, Specializing in Legal Webs