Specify the method Outlook uses to manage virus prevention features
Updated: April 9, 2009
Applies To: Office Resource Kit
Topic Last Modified: 2009-04-03
With Microsoft Office Outlook 2007, you can use new Group Policy settings to configure security options that help prevent viruses. With previous versions of Outlook, you modified security settings by using the Outlook security template and publishing the settings to a form in a top-level folder in Exchange Server public folders. Users who needed these settings required the HKEY_CURRENT_USER\Software\Policies\Microsoft\Security\CheckAdminSettings registry key to be set on their computers for the settings to apply.
The CheckAdminSettings registry key is no longer used to determine users' security settings. Instead, you configure a new Group Policy setting: Outlook Security Mode. The option you choose in this setting determines which security settings are enforced in Outlook:
Default security settings in the product
Security settings in the Exchange Server security form
Group Policy security settings
To configure the method that Outlook uses for security settings
In Group Policy, load the Office Outlook 2007 template (Outlk12.adm) and go to User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security Form settings\Microsoft Office Outlook 12.0 Security.
Double-click Outlook Security Mode, and click Enabled.
In the Outlook Security Policy drop-down list, select the method that you want Outlook to use for enforcing security settings.
The Outlook template and other ADM files can be downloaded from 2007 Office System Administrative Templates (ADM) on the Microsoft Download Center.
To continue using the Exchange Server security form for Outlook security settings, you must configure the new Group Policy setting. If you do not configure the setting, Outlook uses default security settings. If you do not enable the Outlook Security Mode setting, default security settings in the product are enforced.
More information about managing virus prevention settings is included in the following sections.
If you previously used the Exchange Server security form to manage security settings and now choose to use Group Policy with Outlook, you must manually migrate the settings that you configured earlier to the corresponding Group Policy settings for Outlook.
Users might receive a warning when an application accesses the Outlook Address Book—for example, when users synchronize a hand-held device with Outlook on their desktop computer. This feature cannot be modified by using the Exchange Server security form or Group Policy. To prevent the access warning, the application must be coded to interact with Outlook in a trusted manner.
The Object Model (OM) Guard that helps prevent viruses from using the Outlook Address Book to propagate themselves has been updated. Outlook now checks for up-to-date antivirus software to help determine when to display address book access warnings and other Outlook security warnings.
For more information about coding trusted add-ins, see Important Security Notes for Microsoft Outlook COM Add-in Developers.