|
 Using Microsoft Outlook is an open invitation to
virus writers. The same tools that Microsoft has put in place
to allow for increased automation and flexibility are those used
by virus writers to spread e-mail viruses and worms (such as
I Love You and the Anna Kournikova worms). Since Microsoft considers
its susceptibility to viruses a "feature" it is unlikely
to make any structural changes that would remedy the situation.
The Microsoft "Security Patch" does stop some of these
viruses, but it also prevents Outlook from functioning properly
with third party programs such as case management or Palm Pilot
synchronization. The best source of information on these matters
is Woody Leonhard’s "Woody’s Office Watch"
(at www.woodyswatch.com).
The two main lines of defense, as
always, are training and proper virus protection.
- Train users never to open an attachment
unless they know it is coming, even if it is from someone they
know. Many viruses spread by sending themselves to the first
50 or so addresses in the infected party’s address book.
Therefore you can get a virus "from" someone you know
that is being sent without their knowledge. Always save the file
and view it with a viewer before opening it. Some newer viruses
can execute when a file is viewed in the Outlook viewer pane,
so that is no longer adequate protection.
- Keep your anti-virus software updated.
You should update your software once a month and more often if
a new virus becomes widespread.
There are four additional steps
you can take that will substantially cut down on viruses.
- Always turn on extensions and show
all files (*.exe, etc.). Some viruses use double extensions,
such as anna.jpg.vbs. Unless you turn on extensions, that file
would appear to be a simple graphics file: Anna.jpg. (The *.vbs
file indicates that it is a Visual Basic file which is the language
many viruses are written in).
- Change the *.vbs file association
to Notepad, so that any vbs script files
will open in notepad and not execute. To do this, right-click
on "My Computer" and select "Explore." Select
View | Folder Options. Click on the "File Types" tab
and scroll down to the "VB Script" options. Change
them so that the association is Notepad.exe, not wscript.exe.
- Rename the two files that are generally
used by viruses to execute. These are: c:\windows\wscript.exe
and c:\windows\command\cscript.exe.
Note: it is possible (but not too
likely) that this may disable some other functionality. After
you do this, keep an eye on your system for a week or so to see
if you suddenly get strange error messages related to VB Script.
Taken together, these steps will
seriously reduce your exposure to viruses when using Outlook.
|
