Microsoft to issue Outlook security patch

Microsoft Corp. has announced that it will issue a patch for its popular Outlook e-mail client that’s aimed at preventing the software from propagating viruses such as ILOVEYOU and Melissa.

Those viruses were spread via e-mail attachments or Internet worms that replicated through the Outlook address book.

The upcoming patch will prevent Outlook 2000 and Outlook 98 from receiving certain types of program files, such as .exe and .bat, that contain executable code used to spread viruses. Updated versions of Outlook will also block script modules and files such as .js, .bas and .vbs Visual Basic script attachments. Internet links and shortcuts to files such as .lnk and .pif files will be restricted.

“The goal is to take the guesswork out of determining whether an attachment is safe,” said Lisa Gurry, a product manager with Microsoft’s Office team. Gurry confirmed that the patch will impact a number of business applications, including Siebel System Inc.’s customer relationship management applications and SAP AG’s enterprise resource planning software. But she said they and other software partners are just now receiving the beta code, and it’s too early to know what the specific impact will be.

“We will be inviting them to campus to discuss the right balance between security and functionality and ensure that our products continue to work well with theirs,” Gurry said. Microsoft has made a beta version of the patch available to independent software vendors whose products may be impacted by the update.