Power Tools Gear
June 12, 2000
By Karen Kenworthy
IN THIS ISSUE
I guess you've heard the big news by now. It's all anyone around here can talk about. You'd think nothing else was happening, anywhere in the world. It's amazing how much one man can stir things up.
Still, lovely Monica's a special young lady. So naturally, when her beau Bill proposed, and she accepted, it was an important event. They've chosen November 4th as their wedding date. I hope you can make it. They've reserved the First Baptist Church, downtown, to hold everyone who's expected to attend. If not, I promise I'll be there and tell you all about it.
Of course there was other news last week. One event that almost went unnoticed, in the furor surrounding Monica's upcoming nuptials, was Microsoft's release of their "Outlook Security Update." Designed to protect users of Microsoft's Outlook 98 and Outlook 2000 e-mail programs, this update was prompted by the recent spate of email-born viruses.
We talked a bit about this update a few weeks ago, when the ILOVEYOU virus was in all the papers. As you recall, this virus traveled around the world attached to e-mail messages. Each message's text was harmless enough -- just a childish promise of a romantic missive. But the file attached to the message was actually a small program, written in the VBScript programming language.
When readers tried to open the file, they inadvertently ran the program. Once run, the virus removed certain types of files from the reader's computer and performed other types of electronic vandalism. Then, if it found a copy of Microsoft's Outlook program on the computer, the virus sent a copy of itself to each person in the e-mail program's address book.
The virus could have been rendered harmless if people had realized the file attached to the e-mail message was a program. They then would have been much more cautious in their handling of the file. But the virus's authors relied on a few bits of Windows trivia to confuse recipients, leading them to believe the file must be harmless.
First, the file containing the virus was named ILOVEYOU.TXT.VBS. As you can easily see, the filename's extension is .VBS, indicating it's a VBScript program. But this little detail wasn't so clear to folks who received the file via e-mail. By default, Windows hides the extension of file types it recognizes. As a result, the filename most recipients saw was ILOVEYOU.TXT, without the telltale .VBS extension.
The second obscure fact that helped the virus spread is that .VBS files are programs. We're all familiar with the much more common .EXE, .COM, .DLL, and even .BAT files. All files whose names end with these extensions contain programs. And all can do damage if the programmers who wrote them are malicious, careless, or both.
This prompted me to update our Directory Printer Power Tool. In addition to printing the names of a disk's directories and files, it was also taught to highlight those files that contain programs. That way we could all become more aware of the potential danger that lies inside files with mysterious filename extensions such as .SCT, or .JSE.
Outlook Security Update
Then Microsoft took matters into its own hands. Its solution to the problem is to vaccinate the Outlook 2000 and Outlook 98 e-mail programs, making them incapable of harboring or spreading a destructive program. Or any program, for that matter.
You can read about Microsoft's "Outlook Security Update" on its Web site. Anyone using Outlook 2000 should checkout:
While users of the earlier Outlook 98 version should follow this link:
This update prevents Outlook users from opening, saving, printing, forwarding, or receiving, 38 types of "unsafe" files, including all executable files, plus shortcuts to locations on the Web (.URL files) and locations on your hard drive (.LNK files). As a result, it's almost impossible for an e-mail message to deliver a destructive payload to a recipient via Outlook 2000 or Outlook 98 once the update has been installed.
Outlook veterans can still send unsafe files to others, by attaching them to new messages. But when they do, the updated Outlook warns the sender of the possible harmful consequences of their actions. And of course, even if they decide to ignore the warning, recipients using Outlook are still prevented from receiving the "unsafe" file attachment.
One long-overdue feature of this update warns you when programs access your e- mail address book. This lets you know when a virus attempts to spread itself to your friends and coworkers. When you see the warning, you can block the access. Or you can grant access for a limited period of time (up to 10 minutes). After that time, the "cover" of your address book is closed and locked until you choose to open it again.
So, is the Outlook Security Update for everyone? Should you run to Microsoft's Web site, download, and install this patch? Well, maybe yes. And maybe no.
Before you decide, take a look at Microsoft's list of "unsafe" files. It's on display at http://support.microsoft.com/support/kb/articles/Q262/6/31.html. The first thing you'll notice is that these types of files are only *potentially* unsafe. Each type is also potentially very safe, even necessary. Most files that make up Windows itself, for example, and every application on your hard drive, fall into Microsoft's "unsafe" category.
The updated Outlook doesn't know, or care, whether a file attached to an e-mail message is actually harmful. If it belongs to one of the unsafe types it's prohibited. While this does very effectively stop the e-mailing of viruses, it also makes it difficult for software companies and support personnel to distribute programs and patches. And it even blocks all sorts of animated "greeting card" attachments and other innocent diversions.
Not only does the Outlook Security Update prevent you from receiving any new files that fall into the "unsafe" category, any files attached to messages you've already received become inaccessible. The attachment is not actually removed from the old messages. So there may be some sneaky ways to retrieve them in an emergency. But for most purposes, files you were saving in your Outlook Inbox (or other Outlook mail folder) are gone once the update has been installed.
Even the update's address book warning feature can cause problems. Some H/PCs (Handheld PCs), PDAs (Personal Digital Assistants), and even cell phones include software that synchronizes their internal address book with the one maintained by Outlook. Most of these utilities will continue to function once the update has been installed, but some will not. You should check with the company that makes your handheld device to be sure.
And in case you're wondering, this isn't an update you can try on for size, then remove if it causes more problems than it fixes. To eliminate the update, you must completely uninstall Outlook, and all accompanying Microsoft Office products, then re-install everything from the original CDs. That's right. To remove this update you would have to uninstall, then reinstall Microsoft Word, Excel, and any other Office component you use in addition to Outlook. Ouch!
Whether or not this update is right for you, depends on how much you value (nearly) absolute protection from e-mail viruses that it offers. And how much you value the easy transferring of the "unsafe" files it blocks. I suspect that most companies will welcome these new restrictions. The costs of preventing e- mail viruses, and repairing the damage the undetected strains inflict, is enormous.
Individuals, especially more experienced users, may decide to avoid this update. At least for now. Depending on how well these changes are received, they may well be standard features in future editions of Microsoft's e-mail programs. If so, authors of other e-mail programs are likely to follow suit.
My personal opinion is that these restrictions are a (sometimes) necessary limitation today. But in the future, better ways to prevent the distribution of harmful files, without interfering with the exchange of useful programs, will be used.
Digital Signatures are one of the more promising developments. These electronic tags, which can be attached to almost any file, can prevent harmless files from being morphed into dangerous ones. And they can positively identify the author or source of a file, allowing you to decide if it comes from someone you know and trust. Or from some high school kid, from a town you've never heard of, half-way around the world.
We'll talk more about Digital Signatures in the days ahead. But for now, if you want to see one in action, download my Directory Printer program from http://www.karenware.com/powertools/ptdirprn.asp. Then use your mouse to right-click on the file you've downloaded (ptdirprn-setup.exe) and select Properties from the context menu that appears. Click on the Properties dialog's Digital Signatures tab, and you'll see the electronic autograph of yours truly.
Of course, you might also want to download the new Directory Printer 2.7 to take advantage of the expanded list of executable files it now recognizes. It now highlights all 38 types of files on Microsoft "unsafe" list, plus two dozen more that Microsoft overlooked. And as always, the program and its Visual Basic source code (for the programmer's among us) are free.
And until next time, keep a look out for lovely Monica and her bride's maids. They're shopping for fabric this week. If you see her, or her beau Bill, be sure to wave and say Hi! And don't forget me either. I'll be looking for you!