Taking Steps to Secure Outlook

  • Article

 

As mentioned previously, upgrading to the latest version of Outlook and regularly obtaining updates provides your client desktops with the most up-to-date virus protection for Outlook.

Attachment blocking and Object Model Guard are important functionality in Outlook that help slow or stop the spread of viruses. This section explains how these two features protect the Outlook client and explains which versions of Outlook can be updated to include the features.

Note

Although this section discusses how to apply security updates to earlier versions of Outlook, be aware that Outlook 2000 Service Pack 3 (SP3) is the earliest version of Outlook that Microsoft Product Support Services (PSS) supports. For more information about Office and PSS support, see the Office Family Products Support Lifecycle FAQ Web site.

Attachment Blocking in Outlook

One common method virus writers use to transport viruses is to include the virus in an attachment. For example, a virus can be delivered by attaching an executable program (.exe) to an e-mail message. In some cases, viruses can be delivered by embedding them in a macro, which appears to users as a safe document (such as a Microsoft Word or Excel file).

Attachment blocking functionality is one of the most effective deterrents against viruses spread by e-mail. By default, Outlook 2003 and Outlook 2002 include attachment blocking functionality to protect against such viruses. To enable attachment blocking on Outlook 2000, Outlook 98, and Outlook 97, you must download and install the security update specific to the version you want to protect. By default, the latest service packs to supported versions of Outlook block 71 types of attachments.

Attachment blocking is essential for all e-mail clients today. However, you must still educate your users to not open attachments from unknown senders. For more information about educating users, see End User Awareness Training.

Object Model Guard

Object Model Guard protects access to address book data, recipient data on an item, and programmatic sending of e-mail messages in Outlook. Object Model Guard applies to the Outlook object model and to Simple MAPI. When Object Model Guard is enabled, the user is prompted if any application tries to send an e-mail message from the mailbox profile. The same behavior occurs when non-Outlook processes try to access the address book. The user can set a timed interval for a specified process to access the object model or the Outlook address book. It is important to understand that Object Model Guard does not prevent a user from sending a virus. Rather, it blocks automated processes from accessing the object model and the address book.

By default, Object Model Guard is installed and enabled in Outlook 2003 and Outlook 2002. To enable Object Model Guard in Outlook 2000 or Outlook 98, you must download the security update specific to the version you want to protect. Object Model Guard is not included in the Outlook 97 security update.

Recommendations

  • Upgrade to Outlook 2003, or if running Outlook 2002, make sure to keep it up-to-date with the latest service pack and updates.

  • If you are running a version of Outlook other than Outlook 2003 or Outlook 2002, download and deploy the security update for Outlook 2000 or Outlook 98. If you are running Outlook 97, upgrade to a version of Outlook that supports Object Model Guard. Outlook 2000 SP3, which includes the security update, is the earliest version of Outlook that Microsoft supports.

Resources