Greetings! Welcome to Vol. 4, No. 7,
of Exchange Messaging Outlook, an occasional newsletter about
Microsoft Exchange, Windows Messaging and Microsoft Outlook, both
for users of Windows 95 and NT 4.0 and for organizations using
Microsoft Exchange Server.
You've probably been wondering where EMO has been for the past
two months. I've done a lot of traveling -- attending four
professional meetings and making one personal trip, visiting four
different countries on the way. Meeting so many of you either at MEC
or at MSMIUG has been terrific!
Today's highlights:
- Exchange 2000
- Exchange Server Resources and Articles
- Year 2000 Issues with Exchange and Outlook
- HTML Mail Vulnerability
- Microsoft Outlook 2000 E-mail and Fax Guide
Regular features:
- New and updated utilities
Exchange 2000
What we knew before as "Platinum" is now officially
Exchange 2000, the next version of Exchange Server, due for release
6-8 weeks after Windows 2000 ships, so look for it during the first
half of next year. Why the wait for Windows 2000? Because Exchange
2000 is integrally linked to the new Active Directory in Windows
2000. You'll need to implement Windows 2000 before installing
Exchange 2000.
Exchange 2000 Beta 3 is available now as a free download or
low-cost CD, if you want to start getting up to speed. See http://www.microsoft.com/exchange/prodinfo/2000/default.htm
for details. The Microsoft news server at msnews.microsoft.com has
several Exchange 2000 newsgroups.
New Exchange Server Resources and Articles
My pick of the latest additions:
Exchange Technology Center
http://www.microsoft.com/technet/exchange/default.htm
Control Mailbox Size with Mailbox Manager
http://www.microsoft.com/technet/exchange/mailmg.htm
By Tony Redmond for Exchange Administrator newsletter
Supporting the Exchange Server Offline Address Book
http://technet.microsoft.com/cdonline/content/complete/srvnetwk/exch/technote/oabv61.htm
Lessons learned at Microsoft Product Support Services and
Microsoft Consulting Services
Testing your Exchange Servers for Y2K Readiness
http://www.winntmag.com/Articles/Content/7689_01.html
By Jerry Cochran for Windows NT Magazine
Exchange Server Tech Center
http://networking.brainbuzz.com/techcenters/techcenter.asp,tc~S1T12
Year 2000 Issues with Exchange and Outlook
We've added a page at http://www.slipstick.com/y2k.htm
summarizing the issues with various versions of Outlook, Exchange
Server, Schedule+ and Microsoft Mail to help you tidy up those Y2K
loose ends.
HTML Mail Vulnerability
The BubbleBoy concept worm this month demonstrated yet again the
vulnerability of HTML mail. If you were sleeping while the news
broke, BubbleBoy (though not found in the "wild" and
therefore posing no immediate danger) demonstrated for the first
time a message's capability to do harm without the user opening an
attachment. Just opening the message -- or even viewing it in the
Outlook Express or Outlook 98 preview pane -- triggers BubbleBoy's
harmful actions.
The lesson: Not only do you need to keep your anti-virus software
updated, but you should also stay current with updates to Internet
Explorer, whose components are used to display HTML format mail
messages in Outlook 98 and Outlook 2000. We've compiled this list of
five updates that you may need to eliminate the holes in HTML mail
due to Internet Explorer issues. You can check the dates of the
relevant files to see if you need to install these.
MS99-049 - Patch Available for "File Access URL"
Vulnerability
http://www.microsoft.com/security/bulletins/ms99-049.asp
Windows 95 and Windows 98 only
Updates Msnet32.dll to 11/11/1999 version
MS99-048 - Patch Available for "Active Setup Control"
Vulnerability
http://www.microsoft.com/security/bulletins/ms99-048.asp
Updates Inseng.dll to 10/26/1999 version
MS99-032 - Patch Available for "scriptlet.typelib/Eyedog"
Vulnerability
http://www.microsoft.com/security/bulletins/ms99-032.asp
This patch fixes the BubbleBoy-type vulnerability by updating the
registry. To verify that scriptlet.typelib is no longer marked as
safe for scripting, verify that the following registry key does
not exist:
Hive: HKEY_CLASSES_ROOT\CLSID
Key: \{06290BD5-48AA-11D2-8432-006008C3FBFC}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
To verify that the Kill Bit for Eyedog has been set, verify
that the following registry value is set:
Hive: HKEY_LOCAL_MACHINE\SOFTWARE
Key: \Microsoft\Internet Explorer\ActiveX
Compatibility\{06A7EC63-4E21-11D0-A112-00A0C90543AA}
Name: Compatibility Flags
Value: Dword:00000400
MS99-012 - MSHTML Update Available for Internet Explorer
http://www.microsoft.com/security/bulletins/ms99-012.asp
Updates Mshtml.dll to 4/13/99 (IE4) or 4/14/99 (IE5) version
Updates Mshtmlwb.dll to 4/14/99 version (IE4 only)
MS99-001 - Patch Available for exposure in Forms 2.0 TextBox
Control
that allows data to be read from user's Clipboard.
http://www.microsoft.com/security/bulletins/ms99-001.asp
Affects Outlook 98
Updates Fm20.dll to 1/11/99 version
Microsoft Outlook 2000 E-mail and Fax Guide
Suffice it to say that it's been one of my strangest adventures
in publishing, but I'm delighted to announce that my second Outlook
2000 book -- Microsoft Outlook 2000 E-mail and Fax Guide --
should be available from Digital Press before the end of 1999. This
is a complete update of the earlier Microsoft Outlook E-mail and
Fax Guide to include details on IMAP folders, LDAP address
books, Net Folders collaboration, WinFax SE, and many other new
features, plus the essentials of setting up Outlook in standalone,
networked and remote environments. Read the complete table of
contents and get ordering details at http://www.slipstick.com/books/o2kguide.htm.
If you have my other Outlook 2000 book -- Teach Yourself
Microsoft Outlook 2000 Programming in 24 Hours -- you might be
interested to know that the source code is posted, along with the
table of contents and ordering links, at http://www.slipstick.com/books/tyo2kp.htm.
I wrote this book both for the Outlook enthusiast who wants to make
Outlook do everything but brew coffee and for experienced developers
who need a quick start toward understanding how to work with the
Outlook object model. Tell me what you think by posting a review on
the Amazon.com page for the book.
Thanks to our sponsors
The Slipstick Systems site upgrade not be possible without our
sponsors. These companies have been generous with their support, and
we look forward to continuing our association for some time to come.
Please check out the products and services they have to offer:
Automated Profile Management
Profile Maker 2000
http://www.desktopstandard.com
NetIQ
AppManager -- for monitoring and reporting on Exchange Server
http://www.netiq.com/products/exchange.asp
Aspeon Software
Introducing ExchangePlus for attachment compression and
filtering, content and spam filtering, message recall, read
receipt force/block and message disclaimers. Also featuring Rover
for roaming users, CompressMail and DeployMate.
http://www.aspeonsoftware.com
Dansk Software Design
Group schedule-viewing add-on for Microsoft Outlook and
Microsoft Exchange Server that includes the ability to define
favorites and quick access to frequently used calendars.
http://www.dansksoftware.dk/look/look.asp
Nemx Software
Nemx Power Tools for Microsoft Exchange Server include an
anti-virus scanner, which searches for viruses in private and
public folders, including the Internet Mail Connector and
SignatureMaker, which is ideal for company wide disclaimer
statements, or consistent "look and feel" signatures.
http://www.nemx.com
RSS
