You've probably been wondering where EMO has been for the past two months. I've done a lot of traveling -- attending four professional meetings and making one personal trip, visiting four different countries on the way. Meeting so many of you either at MEC or at MSMIUG has been terrific!

• Exchange 2000
• Exchange Server Resources and Articles
• Year 2000 Issues with Exchange and Outlook
• HTML Mail Vulnerability
• Microsoft Outlook 2000 E-mail and Fax Guide

• New and updated utilities

What we knew before as "Platinum" is now officially Exchange 2000, the next version of Exchange Server, due for release 6-8 weeks after Windows 2000 ships, so look for it during the first half of next year. Why the wait for Windows 2000? Because Exchange 2000 is integrally linked to the new Active Directory in Windows 2000. You'll need to implement Windows 2000 before installing Exchange 2000.

Exchange 2000 Beta 3 is available now as a free download or low-cost CD, if you want to start getting up to speed. See http://www.microsoft.com/exchange/prodinfo/2000/default.htm for details. The Microsoft news server at msnews.microsoft.com has several Exchange 2000 newsgroups.

My pick of the latest additions:

Exchange Technology Center
http://www.microsoft.com/technet/exchange/default.htm

Control Mailbox Size with Mailbox Manager
http://www.microsoft.com/technet/exchange/mailmg.htm
By Tony Redmond for Exchange Administrator newsletter

Supporting the Exchange Server Offline Address Book
http://technet.microsoft.com/cdonline/content/complete/srvnetwk/exch/technote/oabv61.htm
Lessons learned at Microsoft Product Support Services and Microsoft Consulting Services

Testing your Exchange Servers for Y2K Readiness
http://www.winntmag.com/Articles/Content/7689_01.html
By Jerry Cochran for Windows NT Magazine

Exchange Server Tech Center
http://networking.brainbuzz.com/techcenters/techcenter.asp,tc~S1T12

We've added a page at http://www.slipstick.com/y2k.htm summarizing the issues with various versions of Outlook, Exchange Server, Schedule+ and Microsoft Mail to help you tidy up those Y2K loose ends.

The BubbleBoy concept worm this month demonstrated yet again the vulnerability of HTML mail. If you were sleeping while the news broke, BubbleBoy (though not found in the "wild" and therefore posing no immediate danger) demonstrated for the first time a message's capability to do harm without the user opening an attachment. Just opening the message -- or even viewing it in the Outlook Express or Outlook 98 preview pane -- triggers BubbleBoy's harmful actions.

The lesson: Not only do you need to keep your anti-virus software updated, but you should also stay current with updates to Internet Explorer, whose components are used to display HTML format mail messages in Outlook 98 and Outlook 2000. We've compiled this list of five updates that you may need to eliminate the holes in HTML mail due to Internet Explorer issues. You can check the dates of the relevant files to see if you need to install these.

MS99-049 - Patch Available for "File Access URL" Vulnerability
http://www.microsoft.com/security/bulletins/ms99-049.asp
Windows 95 and Windows 98 only
Updates Msnet32.dll to 11/11/1999 version

MS99-048 - Patch Available for "Active Setup Control" Vulnerability
http://www.microsoft.com/security/bulletins/ms99-048.asp
Updates Inseng.dll to 10/26/1999 version

MS99-032 - Patch Available for "scriptlet.typelib/Eyedog" Vulnerability
http://www.microsoft.com/security/bulletins/ms99-032.asp
This patch fixes the BubbleBoy-type vulnerability by updating the registry. To verify that scriptlet.typelib is no longer marked as safe for scripting, verify that the following registry key does not exist:

Hive: HKEY_CLASSES_ROOT\CLSID
Key: \{06290BD5-48AA-11D2-8432-006008C3FBFC}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}

To verify that the Kill Bit for Eyedog has been set, verify that the following registry value is set:

Hive: HKEY_LOCAL_MACHINE\SOFTWARE
Key: \Microsoft\Internet Explorer\ActiveX
Compatibility\{06A7EC63-4E21-11D0-A112-00A0C90543AA}
Name: Compatibility Flags
Value: Dword:00000400

MS99-012 - MSHTML Update Available for Internet Explorer
http://www.microsoft.com/security/bulletins/ms99-012.asp
Updates Mshtml.dll to 4/13/99 (IE4) or 4/14/99 (IE5) version
Updates Mshtmlwb.dll to 4/14/99 version (IE4 only)

MS99-001 - Patch Available for exposure in Forms 2.0 TextBox Control
that allows data to be read from user's Clipboard.
http://www.microsoft.com/security/bulletins/ms99-001.asp
Affects Outlook 98
Updates Fm20.dll to 1/11/99 version

Suffice it to say that it's been one of my strangest adventures in publishing, but I'm delighted to announce that my second Outlook 2000 book -- Microsoft Outlook 2000 E-mail and Fax Guide -- should be available from Digital Press before the end of 1999. This is a complete update of the earlier Microsoft Outlook E-mail and Fax Guide to include details on IMAP folders, LDAP address books, Net Folders collaboration, WinFax SE, and many other new features, plus the essentials of setting up Outlook in standalone, networked and remote environments. Read the complete table of contents and get ordering details at http://www.slipstick.com/books/o2kguide.htm.

If you have my other Outlook 2000 book -- Teach Yourself Microsoft Outlook 2000 Programming in 24 Hours -- you might be interested to know that the source code is posted, along with the table of contents and ordering links, at http://www.slipstick.com/books/tyo2kp.htm. I wrote this book both for the Outlook enthusiast who wants to make Outlook do everything but brew coffee and for experienced developers who need a quick start toward understanding how to work with the Outlook object model. Tell me what you think by posting a review on the Amazon.com page for the book.

The Slipstick Systems site upgrade not be possible without our sponsors. These companies have been generous with their support, and we look forward to continuing our association for some time to come. Please check out the products and services they have to offer:

Automated Profile Management
Profile Maker 2000
http://www.desktopstandard.com

NetIQ
AppManager -- for monitoring and reporting on Exchange Server
http://www.netiq.com/products/exchange.asp

Aspeon Software
Introducing ExchangePlus for attachment compression and filtering, content and spam filtering, message recall, read receipt force/block and message disclaimers. Also featuring Rover for roaming users, CompressMail and DeployMate.
http://www.aspeonsoftware.com

Dansk Software Design
Group schedule-viewing add-on for Microsoft Outlook and Microsoft Exchange Server that includes the ability to define favorites and quick access to frequently used calendars.
http://www.dansksoftware.dk/look/look.asp

Nemx Software
Nemx Power Tools for Microsoft Exchange Server include an anti-virus scanner, which searches for viruses in private and public folders, including the Internet Mail Connector and SignatureMaker, which is ideal for company wide disclaimer statements, or consistent "look and feel" signatures.
http://www.nemx.com