|
A MEMBER OF THE ZATZ MAGAZINE NETWORK |
|
|
|
March 14, 2004 |
INSIDE THIS ISSUE
Understanding Office XP SP3
An important warning
This week's news |
|
| |
|
|
SMART TOOLS FOR DATABASE MARKETING
Accept this FREE trial of our Data Quality Tools and you'll discover how easy it is to transform your customer database into a money-making machine.
Use these programming tools to repair addresses, update area codes, parse and genderize names, build a dealer locator, append geographic data, and more.
Request a FREE trial now at http://www.melissadata.com/op. |
|
MAKE OUTLOOK DO WHAT YOU'VE ALWAYS WANTED IT TO DO - CHOOSE FROM 30 POWERFUL OUTLOOK ADD-INS
Save time and increase your productivity with these powerful Outlook add-ins. Automatically save attachments, schedule recurring emails, easily print just emails or just attachments, hide business fax email addresses from the "To:" list and many more.
Free installation help, and a 30-day money back guarantee.
Click here to find 30 Outlook add-ins that can make a difference. |
|
TRANSFORM OUTLOOK INTO A POWERFUL SALES SOLUTION
- Tired of using Outlook and ACT?
- Goldmine too complicated?
- Be more organized and close more sales;
- Satisfaction Guaranteed;
- Do everything inside of Outlook!
Click here to learn more about Prophet |
|
|
THIS WEEK'S POWERTIP
Understanding Office XP Service Pack 3 and an important warning
By Diane Poremsky
Early last week Microsoft released Office XP Service Pack 3 along with security bulletin MS04-009. The exploit described in the security bulletin affects only Outlook 2002 SP2, so updating to SP3 takes care of one worry but may create more problems.
MS04-009 addresses a security vulnerability which exists within Outlook 2002 that could allow Internet Explorer to execute script code in the Local Machine zone on an affected system. To exploit this vulnerability, an attacker would have to host a malicious Web site that contained a Web page designed to exploit the vulnerability and then persuade a user to view the Web page.
Since users are only at risk when Outlook 2002 is configured as the default mail reader and when the "Outlook Today" home page is their default folder home page, you can disable Outlook Today by unchecking the option to show a folder homepage by default to fix this vulnerability.
Note that if an attacker exploited this vulnerability, the attacker would gain only the same privileges as the user. This means users whose accounts are configured to have few privileges on the system would be at less risk than users who operate with administrative privileges. This is why no one recommends logging on to administrator accounts for normal usage, even though it is more convenient.
Only Outlook 2002-SP2 is affected by this exploit, Outlook 98, 2000, and 2003 are not affected, however, anyone who doesn't use Outlook Today can disable it as a precaution. To disable Outlook Today, right click on the top level folder in the mailbox or personal folders. (It's the folder with the little house icon.) Choose Properties, then Home Page and remove the check from "Show home page by default for this folder".
As I mentioned earlier, updating to Outlook 2002 SP3 fixes the exploit but may create more problems. After installing Outlook 2002 SP3 you many see the "a program is trying to access...allow it for 1 minute" security warning.
This warning message is a result of Outlook 2002 SP3 adding additional properties to the list of those that are affected by the security features, properties which are blocked by Outlook 2003. Anti-spam add-ins, which read the message body as part of their anti-spam scanning, are a common cause, although others are affected by the changes as well. Many add-ins were updated following the release of Outlook 2003 and should work with SP3, but many others need re-engineered to work with Outlook 2002 SP3. Until the add-ins which cause this warning are updated, you'll need to either live with the warning or disable the add-in, as SP3 cannot be uninstalled. If you use a version of Windows that supports System Restore, you may be able use a restore point to remove SP3.
Like many visitors to the Microsoft newsgroups (at msnews.microsoft.com) you're probably wondering: "Didn't Microsoft test this?" Well, yes, but...Service Packs usually have a limited number of outside beta testers and the beta notes did not mention security changes. Apparently few, if any, beta testers used programs that triggered the warnings in Outlook, so no one knew about the security changes prior to the official release, or which add-ins would trigger the security warnings. Additionally, in a move that is inexcusable, release notes did not mention the security changes and the KB articles covering the changes were not available at the time of SP3's release.
Administrators should not apply this Service Pack on production systems until thoroughly testing it with their custom applications and forms first. My personal recommendation is to wait at least two weeks to see what develops. While I don't believe Microsoft will re-release the patch with these new security features removed, waiting will give vendors time to update their software, resulting in less inconvenience to users. Note that while Outlook is getting all the attention, there are some minor issues with Excel and Word as well.
Diane Poremsky is the president of CDOLive LLC and a Microsoft Outlook MVP. She's author of Teach Yourself Outlook 2003 in 24 Hours (Sam's, 2003) and coauthor of OneNote 2003 for Windows (Visual QuickStart Guide). For questions or suggestions for future columns, write her at outlook@cdolive.com.
|
|
AUTOMATE DATA ENTRY USING ADDRESSGRABBER
AddressGrabber Lite captures contact name, email address and phone numbers from email signatures, Web pages, and documents and automatically transfers them to Outlook contacts.
AddressGrabber Lite also checks for duplicates automatically and updates the existing contact in Outlook. Also, transfer contacts out of Outlook into other applications like Word, ACT!, Palm desktop, label printers, and more.
Click here to download a free copy of AddressGrabber Lite today. |
|
NEW! 40 powerful tips, insider tricks, and sneak peaks into the future of Outlook and Exchange
Across eight chapters, we've included 40 separate articles from OutlookPower Magazine in this powerful ebook. We cover topics that range from maximizing your ability to manage contacts to protecting yourself against spam and viruses, to a whole load of time savers.
Plus, there are a bunch of very informative reviews and a very special, exclusive sneak peak into the future of Outlook and Exchange.
Order Today! Only $19.95 |
|
OUTLOOKPOWER NEWS CENTER
This week's news
Want to get the very latest Outlook and Exchange news? The OutlookPower News Center is updated every day with news of product releases, industry info, tips, techniques, and pointers to great Outlook and Exchange resources on the Web. Here's this week's news:
ISPs take legal action again spammers
Microsoft, AOL, EarthLink and Yahoo announced they'll be among the first to sue six of the most active spammers under the federal CAN-SPAM Act.
Senate takes aim at spyware
A new federal bill hopes to eliminate spyware that relays user information or even keystrokes to outsiders and rein in adware, which prompts those annoying pop-up advertisements. The goal is to protect users from identity theft and organizations from intellectual-property loss.
Python vulnerability
Python an interactive, object-oriented programming language commonly used for scripting, is vulnerable to a bug that could allow a remote attacker to execute arbitrary code or gain system access.
Hotmail problems
A significant portion of people who use the Hotmail e-mail system and other Internet-based products were having trouble accessing the services on Friday. The company said it was an internal problem rather than an attack on its system.
Office XP update interferes with spam filters
The latest set of updates for Office XP is causing problems with two junk mail filtering products. Users of Sunbelt Software's iHateSpam and Cloudmark's SpamNet are encountering security warnings with each email message they receive.
Changing passwords in OWA
Exchange Server 5.5 and 2000's Outlook Web Access (OWA) allows clients to read Exchange-based e-mail through a web browser, but by default does not allow users to change domain passwords in IIS 5.0. Serdar Yegulalp of SearchExchange.com tells us how you can enable password-changing through OWA.
Spam filters often lose emails
Return Path, a company that monitors email performance for online marketers, has found that nearly 19 percent of email sent by its customers never reached the inboxes of intended recipients.
The Expert's Guide for Exchange 2003
Chapter 2 of Steve Bryant's e-book, Experts Guide for Exchange 2003 is now available. Free registration is required in order to download the chapters.
Live Communications Server 2003 update
This download provides new versions of four scripting files that were included with Live Communications Server 2003. You should download and use these updated scripting files if you plan to migrate from Microsoft Exchange 2000 Instant Messaging to Live Communications Server 2003.
GFI MailSecurity update
GFI has released an update to its email exploit engine today which can detect any viruses that exploit the newly discovered high risk Outlook 2002 vulnerability.
Outlook Express Backup 1.83
ABF Outlook Express Backup is a backup utility for MS Outlook Express from ABF software. The program can back up and restore messages, address book, settings and preferences, mail and news accounts, message rules, blocked senders lists, signatures, and even Internet Explorer favorites.
Office 2003 targets power users
Businesses that want their Office applications to be more than a one-trick pony are going to like Office 2003, experts say.
Linux a threat to Exchange
Enterprises are using Linux more often as a platform on which to prop up their messaging solutions. The biggest casualty in this trend is Microsoft Exchange, says a one industry observer.
Army puts an end to free Office
Microsoft has been mailing free copies of its Office productivity software to government employees, but CNET News has learned that at least two federal agencies are warning recipients to return the gifts or risk violating federal ethics policies.
Registry Defragmentation 5.0
Registry Defragmentation physically defragments the Windows registry file to give it the proper linear structure. As a result of regular registry defragmentation, computer users get a more stable operating system, shorter application/system response time, and the most optimal linear registry structure.
Reg Organizer 2.0 released
ChemTable Software has announced version 2.0 of its registry maintenance solution allowing Windows users to take control over the registry database using a set of easy-to-use tools for optimizing system performance. The application offers advanced registry management methods that are not included in Windows package making it possible to preview ..reg file before adding data to the registry, automatically find, replace and delete multiple instances of user-specified registry keys and values as well as clean up obsolete registry entries and monitor certain registry keys modifications.
Email defense for Microsoft Exchange
Dr. Thomas Shinder tells us how the ISA 2004 firewall protects your Exchange Server by acting as the first line of defense against spam and viruses.
Microsoft's SUS plans
Microsoft is expected to reveal a new patch management strategy at next week's Microsoft Management Summit 2004 in Las Vegas, including introducing new versions of Software Update Services.
New networking site launched
WindowsSecurity.com has launched a new sister site, WindowsNetworking.com, a site completely dedicated to Windows networking related topics such as setting up Windows NT/XP/2000/2003 networks, troubleshooting, connectivity and much more.
Password expiration
If you're an Outlook Web Access 5.5 and Exchange 5.5 user and have ever encountered the Password expires in 0 days error, this tip from SearchExchange will help you deal with it.
Vulnerability in Outlook 2002
A security vulnerability in Outlook 2002 could allow Internet Explorer to execute script code in the Local Machine zone on an affected system. The parsing of specially crafted mailto URLs by Outlook 2002 causes this vulnerability.
PROMODAG Reports Version 6.5 released
PROMODAG Reports for Microsoft Exchange Server will measure the usage of your electronic messaging system from inside and outside the organization, analyze traffic patterns and establish the cost of using the system, by creating reports and graphs.
Easy viewing with Outlook 2003
If you use Outlook 2003, then you know it has many new features compared to its predecessor. This Tip explains how to get the most from them and other changes.
Windows could lose Media Player in Europe
If Microsoft cannot settle an antitrust case brought by European Union regulators, the company may be ordered to remove Windows Media Player as an integrated feature of the dominant Windows operating system, at least for personal computers sold in Europe.
Worm masquerades as Microsoft Patch
A new worm purporting to contain a patch to defend against MyDoom is attacking Windows machines throughout Europe and parts of North America.
MS provides statement to Justice Department
Microsoft executives have provided a sworn statement to the U.S. Department of Justice that could help out the Justice's suit against Oracle.
AddressX
All the contacts from your company's Exchange Global Address List (GAL) are available directly from the OS X Address Book quickly and easily. All with no need to install additional software on your Exchange server.
From code war to Cold War
A new cold war has broken out in the software world, technology analyst Bill Thompson believes, and it will shape our futures.
Microsoft MVPs to get Office 12 peek
Early next month, Microsoft is set to share its vision for its next-generation Office, Windows, database and other products with hundreds of its Most Valuable Professionals (MVPs).
Windows Server to get reloaded
On the heels of acknowledging last week that Microsoft might release an interim version of the Windows client before Longhorn, Redmond officials said the company will likely release an interim update on the server side.
Eolas patent invalid
A federal patent examiner's initial review has found the Web browser patent at the center of a major verdict against Microsoft to be invalid.
Microsoft Upgrade Center
Microsoft UK has created an Upgrade Center. The site allows you to look for case studies, white papers and other material to help you in developing a business case for infrastructure upgrade and to help you deploy it.
|
Advertise in OutlookPower
Each week, OutlookPower reaches over 250,000 readers, with a mix of skill-levels (from end-user all the way up through Exchange administrators and developers). Our editorial and news content reflects this broad mix of interest areas. If you'd like to bring your message to the inner-circle of email users, managers, developers, and administrators, feel free to contact us at
sales@outlookpower.com.
Unsubscribing from this mailing list
This weekly announcement is delivered to you as a free service from OutlookPower Magazine. To be removed from the list, simply click ##UNSUBSCRIBE##. If you're reading this in plain text, here's your unsubscribe link:
##PLAINTEXTUNSUBSCRIBE##
|
Copyright © 2003, ZATZ:Pure Internet Publishing, a unit of Component Enterprises, Inc. All rights reserved.
The Power Magazine for Outlook and Exchange Users is an independent publication of ZATZ:Pure Internet Publishing, a unit of Component Enterprises, Inc. All rights reserved. Component Enterprises, Inc. The ZATZ logo is a trademark of ZATZ:Pure Internet Publishing, a unit of Component Enterprises, OutlookPower Magazine is a service mark of Component Enterprises, Inc. Outlook is a registered trademark of Microsoft Corporation and Exchange is a trademark of Microsoft Corporation. All other brands and product names are trademarks and registered trademarks of their respective holders.
|
|
|