Feeds

Outlook Love Bug patch still mysteriously missing

How long does it take to pour quick-set over attachments anyway?

  • alert
  • submit to reddit

Maximizing your infrastructure through virtualization

Users are still waiting for a fix for MS Outlook after the ravages from the ILOVEYOU, Melissa and related viruses. Microsoft is itself in a bit of a fix here; having pushed the idea of attachments, a security fix based on blocking all attachments seems like a massive climb-down.

But on the other hand, what else could you do? Microsoft initially announced a patch that would drastically curtail Outlook's ability to deal with attachments, but for some reason, it hasn't actually got it out the door yet. It's been delayed several times already, and it's not clear when it will actually ship - or indeed, what it will actually be.

Meanwhile, the Microsoft's Office Update site has some extraordinary things to say about all it.

Curiously, the wording of Microsoft's announcement is in the present tense: the security update "puts you back in control of your software", despite the fix being "available soon" (this week is the latest rumour); it will provide "unprecedented security". Microsoft says that "malicious hackers have abused legitimate Outlook functionality". The company goes on to say that the bug fix ("update") was "not created to address a security vulnerability within Outlook". So why a "security update", then? The thinking seems to be that Outlook is perfectly safe if people behave themselves, but that the patch provides "unprecedented security protection" because there are people around who want to spoil things for everybody.

Microsoft is having to incorporate a number of restrictions on functionality, to change default settings, and even more difficult, to persuade users to download the bug fix and install it. It's unrealistic to expect many users to do this, especially as the documentation available so far is daunting. The chances of the right security decisions being made will not be particularly high in many cases, in view of the level of knowledge required to do this correctly. ®

Top three mobile application threats

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
Microsoft: We're making ONE TRUE WINDOWS to rule us all
Enterprise, Windows still power firm's shaky money-maker
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.