Securing Microsoft Outlook 2000 FAQ
(C) 2000 by CptSiskoX
Xteq Systems and Xifa Technologies

Microsoft Outlook 2000Microsoft Outlook 2000

Microsoft Outlook 2000 is a good e-mail client, but unfortunately
it is open to far too many security vulnerabilities if used with it's
default settings.  Below are some FAQs and answers to help
you protect yourself against dangerous programs, viruses,
e-mail worms, and Trojan horse applications.  Press CTRL + D
if you would like to add this site to your favorites/bookmarks list.

[Click here to download Xteq X-Setup (Free security/system utility).]

What can I do to secure Outlook 2000 against hostile code
in active content or against computer viruses and worms?

Carefully ensure you follow these steps to
protect yourself, your data, and your computer:

1.  Never open a file attachment if you do not know what it is
or were not expecting it, or if the sender is someone you do not
know. 
If you know the sender, open the file only after you've
scanned it for hostile/dangerous code, incase it is a virus, Trojan
horse, or worm program.  It would also be advisable to check with
the sender to be sure they intentionally sent you the file, because
some of the most dangerous viruses actually send a copy of
themselves out to everyone in your Outlook address book, without
your knowledge or consent.  It's possible your friend may have fallen
into this trap themselves.  Usually, if you do not open a file attachment,
you cannot be infected by it.  Some worms, however, require only that
you view them (they are embedded in HTML e-mails) in Outlook's preview
pane.  This essentially runs them.

Is it really necessary to keep my anti-virus program updated?  How well
should I know how to use it?  Why does it need to be updated in the first
place?

2.  Keep your anti-virus program up-to-date and use it often.  You should
familiarize yourself with your anti-virus software so you are very comfortable
using it to scan files for possible infections or rogue applications.
  You should
always make sure you have the most recent version of the anti-virus software
and download and install the updates for it as they are released.  It does no
good to have an anti-virus program on your system if it can't detect any of the
new viruses that have been unleashed.  Anti-virus packages use something
referred to as definition files, which keep them up to date so that they can
detect the newest, as well as older viruses, Trojans, and worms.  This helps the anti-virus software recognize viruses that have come out -after- the anti-virus program itself did.  You should not have more than one anti-virus program active at any given time because they may mistakenly recognize one another as infections due to the way they work.

Is there anything else I can do to prevent getting viruses, worms and
Trojans in Outlook 2000?  Which patches do I need to install?  How
can I increase Outlook's security for best results?


3.  Turn up your security settings. If you aren't using Outlook 2000 SR-1 (Service Release 1), download it from Microsoft's Office Update site (free).  It includes important security fixes and updates.  If you aren't sure what version you have, click "Help, About" in Outlook.  It will tell you if it is SR-1 or not.  Be sure you are using the most recent version of Internet Explorer to ensure you have all the latest security updates for it to help protect against potential security risks.  Outlook 2000 depends upon Internet Explorer for its security settings.  In Outlook 2000, navigate to "Tools, Options, Security" and set the "Zone" to "Restricted Sites Zone."  This will allow you to send and receive e-mail as usual, be it plain text, Rich Text, or HTML format.  However, it will help prevent hostile JavaScripts from running.  Some worms and viruses are known to spread via JavaScript code.  Once you've done this, click "Attachment Security" and select "High" before you click "OK."  This way, you are warned before opening certain potentially dangerous file attachments, which is a frequent way that viruses, Trojans and worms spread.  Be sure you have downloaded the 128-bit Update to Internet Explorer.  This will help increase your security even more when you access certain sites in the browser or from Outlook.  You should also install the 128-bit Update to Outlook 2000 SR-1 for more e-mail security.  If you aren't using the SR-1 release of Outlook 2000 (recommended that you do use it) then you can still download a 128-bit Update for Outlook (non SR-1).  You can tell which bit version of Outlook 2000 you are using by clicking "Help, About, Security Info."
One more thing you can do is to turn off the Preview Pane to protect against
active content security problems, such as JavaScript worms.  Another thing
you can do is to use e-mail filters, that automatically delete certain messages
off of your e-mail server without you ever downloading them.  One such worm/virus is named "I love you" and places "I love you" in the subject of the e-mail it arrives in.  If you set your message rules to delete all e-mail with the
subject "I love you" then you'd be protected against that particular item.  However,
this will not protect you against new strains, or the same file in a different subject e-mail, so it's best to use all the other security tips at all times for maximum
security.  You might also want to consider a firewall to protect against Trojan horse programs which try to send out your data or perhaps even your passwords to their authors on the Internet.  You can get a free firewall at ZoneLabs, named ZoneAlarm.  It does not protect against most viruses, Trojans, or worms, but it can help you prevent them from sending out your data without your permission. It does help prevent accidental running of .VBS files. To test your Internet security further, try Shields Up!, a free service to test your TCP/IP security.  Last, but not least, be sure you have a copy of Xteq X-Setup, a wonderful free utility which can further aide in raising your security level.  X-Setup has many free plug-ins for it available here.

Best of luck,

CptSiskoX
Xteq Systems and Xifa Technologies

Legal Info: Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document.  Microsoft Outlook Ó Microsoft Corporation.  Microsoft, the Office logo, Outlook, Internet Explorer and Windows are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries.  The names of actual companies and products mentioned herein may be the trademarks of their respective owners.