Re: Outlook Security Settings removed

From: Anthony Papaleo (papaleo_at_ameritech.net)
Date: 05/02/03

  • Next message: Jonathan Grotegut: "RE: Outlook Security Settings removed"
    To: "Williamson, Scott" <scott.williamson@htcinc.net>, "Focus-MS" <focus-ms@securityfocus.com>
    Date: Thu, 1 May 2003 19:28:21 -0500
    
    

    We have encountered not a patch but a Microsoft utility that can,
    incrementally, remove one or all of the security settings in Outlook. It is
    called the Outlook Security Administrative Package, contained in a file "
    admpack.e_x_e_ "
    on the Office XP resource kit CD or Enterprise editions of MS Office.
    We too have a legacy program that sends internal e-mails for notification
    puposes. Starting with SP1 of Outlook 2000 and up to the present Outlook
    2003, these e-mails cause Outlook to throw up warnings (at least 2 per
    e-mail) that must be "OK'd" before the e-mail could be openned.
    BUT: Beware the serious implications of shutting down security functions,
    filters. Microsoft put those things in there for very obvious and painful
    reasons.

    Tony P.
    lurker and now responder

    ----- Original Message -----
    From: "Williamson, Scott" <scott.williamson@htcinc.net>
    To: "Focus-MS" <focus-ms@securityfocus.com>
    Sent: Wednesday, April 30, 2003 8:42 AM
    Subject: Outlook Security Settings removed

    > I was wondering if anyone heard of a patch that removed the registry
    > settings for bypassing the "Outlook Security Settings". We had some
    systems
    > setup that need to be able to send email from a third party program
    through
    > outlook. When the "Outlook Security" add-on was installed we setup a
    public
    > folder on Exchange 5.5 and configured it for these users. We then added
    the
    > necessary registry entries on these users machines. Now we find these
    > machines are now prompting for approval each time the program sends emails
    > and the registry setting is gone.
    >
    > Thanks,
    >
    > Scott Williamson
    > Systems Administrator
    >
    > --------------------------------------------------------------------------

    ---
    > FastTrain has your solution for a great CISSP Boot Camp. The industry`s
    most
    > recognized corporate security certification track, provides a
    comprehensive
    > prospectus based upon the core principle concepts of security. This ALL
    INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
    utilization
    > of pertinent security tools. For a limited time you can enter for a chance
    > to win one of the latest technological innovations, the SEGWAY HT.
    > Log onto http://www.securityfocus.com/FastTrain-focus-ms
    > --------------------------------------------------------------------------
    ----
    -----------------------------------------------------------------------------
    FastTrain has your solution for a great CISSP Boot Camp. The industry`s most 
    recognized corporate security certification track, provides a comprehensive 
    prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization 
    of pertinent security tools. For a limited time you can enter for a chance 
    to win one of the latest technological innovations, the SEGWAY HT. 
    Log onto http://www.securityfocus.com/FastTrain-focus-ms
    ------------------------------------------------------------------------------
    

  • Next message: Jonathan Grotegut: "RE: Outlook Security Settings removed"

    Relevant Pages

    • Re: Spamnet add-in to Outlook
      ... If you're modifying the security settings item (you should never be ... Outlook may not save the change to the member list. ... I agree that setting up the Outlook Security Template and not ...
      (microsoft.public.outlook.program_addins)
    • Re: Spamnet add-in to Outlook
      ... Sue Mosher, Outlook MVP ... > I just went to create a new security item (added members in an Exception ... >> If you're modifying the security settings item (you should never be ...
      (microsoft.public.outlook.program_addins)
    • [NT] MHTML vulnerability in Outlook Express
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A vulnerability in Outlook Express allows an attacker to run code of the ... If an attacker were to host a malicious website that contained an MHTML ...
      (Securiteam)
    • [VulnWatch] Bypassing SMTP Content Protection with a Flick of a Button
      ... How about using Outlook Express as ... more than an Outlook Express client and employs a rarely-used feature ... This RFC documented feature called "Message Fragmentation and ... comprehensive security policy to restrict potentially harmful content ...
      (VulnWatch)
    • Re: How do I receive an access database?
      ... To provide enhanced security, Microsoft Office Outlook 2003 is designed to ... If you need to share files that have file types blocked by this feature, ... There is no control over those files (no settings within ...
      (microsoft.public.access.gettingstarted)