Outlook patch option shores up security

Featured eBooks
AI in the Workplace
Read Now

CX in Action

Read Now

Next Steps for CMMC

Read Now
By John Fontana

By John Fontana

|

Reliable Software Technologies Corp. has developed a free program that stops viruses from propagating by exploiting Microsoft Outlook

Related Links

FCW's "love bug" coverage

Microsoft Corp. Outlook users looking to shore up their systems against viruses now have an option to the patch Microsoft released last week.

Reliable Software Technologies Corp. has developed a free program that stops viruses from propagating by exploiting Outlook. The JustBeFriends.dll installs on desktops and blocks calls to Outlook by monitoring the Visual Basic Scripting Engine.

The patch will not prevent a virus from damaging files, but it will help contain viruses and stop them from spreading. The "love bug" virus was a Visual Basic script that used the Outlook address book to quickly distribute itself throughout e-mail systems.

"Our patch works outside of Outlook and monitors applications calling Outlook," said Gary McGraw, vice president of corporate technology for Reliable. "We prevent the scripting engine from invoking Outlook and sending out e-mail on the user's behalf."

If a request for access to Outlook comes from a script being run from the desktop or from an attachment, access is denied. Otherwise, the user is asked to confirm that the application should be allowed access to Outlook.

The patch is a Dynamic Link Library (.dll) that lives inside the "appinit" Registry Key and is installed using a standard InstallShield setup.

The patch can be used in conjunction with the just released Outlook E-mail Security Update from Microsoft, or it can be run on its own. The Microsoft patch prevents Outlook from accepting a number of attachments, including .VBS, and adjusts security zone settings to prevent scripts from running by default. The patch also prevents applications from using the address book to send e-mail.

The Microsoft patch works with Outlook 98 and 2000, while the JustBeFriends patch works on all versions of Outlook, including Outlook Express. However, JustBeFriends only works on desktops running Windows NT or Windows 2000.

For more information about enterprise networking, go to Network World Fusion. Story copyright 2000 Network World Inc. All rights reserved.

NEXT STORY: Senators hit Energy again over disks