Microsoft Releases "Love Bug" Fix

Microsoft Corp. released a patch that addresses the recent rash of "Love Bug" and copycat worms that made their way around the Internet. However, the fix may end up affecting users more than the bugs did.

The Outlook 98 and Outlook 2000 E-mail Security Updates are software updates that limit functionality in Microsoft ( Outlook, as well as in other applications in Microsoft Office as well as third-party ISV products.

The Outlook updates are a three-pronged attack on viruses. E-mail attachment security prevents users from accessing several file types when sent as e-mail attachments. Object model guard prompts users with a dialog box whenever an external program attempts to access their Outlook address book or send e-mail. Heightened Outlook default security settings increase the default Internet security zone setting within Outlook from "Internet" to "restricted sites."

With the update installed, Outlook will check the file type of each attachment received in a user's in box and compare it against two lists of file types, Level 1 security and Level 2 security file types. Access to Level 1 security file types - .EXE, .COM, .BAS, .VBS, .JS, URLs, .ISN, .LNK, and .PIF files - is restricted, because these are either scripted code or links to viruses. Level 2 security files are only .ZIP files, which are not restricted, but Outlook will require the user to save these files to the hard drive.

If an e-mail message is received in Outlook with a Level 1 attachment, the Inbox will display the paperclip icon in the attachment column to let the user know that the message originally contained an attachment. When the message is opened, the attachment will not be available and Outlook will notify the user that it removed access to the attachment. If a message is received with a Level 2 attachment, a warning box is displayed instructing the user to save the attached file to the hard drive before opening.

Microsoft has reported several cases of functionality failure surrounding the Outlook updates. The most significant of these involves the updates' installation procedures. There is no remove or uninstall utility for the update. In order to remove it, Office must be removed and reinstalled. Additionally, in some cases the update fails to install. Net Folders do not always work with the update, and Palm and Windows CE devices have synchronization issues involving address book and Inbox synchronization. With the updates installed, Mail Merge fails from within Word, but works from within Outlook. When sending PowerPoint presentations through e-mail, a warning is displayed, as all presentations mailed as attachments contain a .JS script file.

In addition to functionality issues within Outlook and Office, the updates cause functionality problems with some third-party software. ISVs whose software is affected by the updates include Accountmate Software Corp. (, Chapura Inc. (, FileNET Corp. (, Great Plains Software Inc. (, Instinctive Technology Inc. (, Micro Eye Inc. (, Motiva (, Novell Inc. (, Palm Inc. (, Paragon Software Ltd. (, PUMATECH Inc. (, Research In Motion Ltd. (, and Slipstick Systems ( - Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus