Microsoft alters Outlook e-mail to block viruses

SEATTLE - Microsoft is altering its popular Outlook e-mail software to prevent users from running any ''executable'' program attachments - like the infamous Love Bug virus.

As an additional safeguard, any time a computer program attempts to access Outlook's address book or tries to send e-mail via Outlook, users will receive a warning and will be urged not to allow it.

The software ''patch'' announced Monday for Microsoft Outlook 98 and Office 2000 will be available on a Microsoft Web site starting next week.

But as a tradeoff for the added security, users will find that Outlook will also block some attachments that are harmless or possibly even beneficial.

The moves come two weeks after the Love Bug, also known as the ''ILOVEYOU'' virus, clogged e-mail systems around the world and infected millions of computers, destroying music and graphics files stored on many machines. The virus, which only worked against users of Microsoft Outlook, caused as much as $10 billion in damage, mostly in lost work time.

''We've been taking a really hard look at the security issues with regard to Outlook over the past few weeks,'' said Steven Sinofsky, senior vice president for Microsoft Office, a package of software programs that includes Outlook.

Sinofsky said many of the perceived security lapses in Outlook are related to features that make the program more appealing for users.

''We are constantly in a balance between power, flexibility and openness versus security,'' he said.

Reaction from computer security experts was mixed.

''The e-mail alerts are very, very good. But preventing every single kind of executable from ever running is overkill,'' said Ira Winkler, president of Internet Security Advisors Group.

Carey Nachenberg, chief researcher at Symantec Corp.'s Anti-Virus Research Center, said Microsoft should be applauded for the new safeguards, but insisted that even more needs to be done to protect users from viruses.

---

On the Web: http://officeupdate.microsoft.com