Home > Outlook Express
Microsoft Outlook Express is a email client and NNTP news reader bundled with operating systems and the Internet Explorer web browser by Microsoft, and also available as a no-charge download for the "classic" Apple Macintosh operating system (although not for the newer Mac OS X, where it has been replaced by Microsoft Entourage, which costs money as part of Microsoft Office).Outlook and Outlook Express are distinct platforms which do not share common code, but do share a common architectural philosophy. The similar names lead many people to incorrectly conclude that Outlook Express is a "stripped" version of Outlook. Outlook Express is bundled with Internet Explorer, and may or may not be freely available if future versions are released. Microsoft state that "further enhancements to security" will require future versions of Internet Explorer (and thus Outlook) will be able to run only on a newly secured operating platform, Longhorn.
Windows 95 included Internet Mail and News, a simple precursor to Outlook Express. Internet Mail and News handled plain text email (not HTML mail), and had none of the security holes Outlook is known for. In an astonishing oversight, Microsoft failed to provide it with a way to back up the address book — something that would later create a great deal of frustration among users.
With the fully-fledged Outlook Express product, Microsoft's vision for integrated web applications resulted in a semi-merger of the browser and the mail client, with full scripting support. However, this blurred the normal distinction between trusted application, a beneign e-mail, and a remote webpage. Outlook's ability to execute Javascript and display remote images were at the root of many of its later security and privacy issues.
In the "Welcome e-mail" for both Outlook and Outlook Express, Microsoft acknowledged that with new HTML e-mail, security was a risk. And they described their plan for foiling the security risk. Outlook and Internet Explorer both featured security zones — a feature neither found in nor needed by competing products. The zones were Intranet, Internet, Trusted, and Restricted. Internet was for any site not in a zone. Trusted sites could do things without asking user's permission, and was clearly designed for administrators who wanted to allow updating without any confusion. AOL used it to add http://free.aol.com to ensure that users who wanted to download their online service client software didn't have to grant them permission via an ActiveX certificate dialog box whose well-warranted warning might scare away potential customers. That required an Internet Explorer hack that should not have been possible if Microsoft's zones had worked as intended. The security zones were supposed to be user-controlled.
But that was a relatively benign breach due to Microsoft's implemention of the plan. Another flaw was the fact that the "Restricted" security zone wasn't restrictive enough. A script could automatically open as an attachment. (Another mitigating factor was a bug in Outlook's attachment handling that allowed an executable to be appear to be a harmless attachment such as a graphics file.) This bug was later fixed so that only the last . represented the end of the filename and the beginning of the file extension — the correct behavior for the Windows filesystem. Opening or previewing an e-mail can cause code to run without the user's knowledge or consent. A host of viruses exploited this. See Outlook and Trustworthy Computing Intiative for more information on how Microsoft has responded.
Outlook Express has earned a reputation as the de factoDe facto is a Latin expression that means "in fact" or "in practice", commonly used as opposed to de jure (meaning "by law") when referring to matters of law or governance or technique (such as standards), that are found in the common experience as create standard email client because of its wide availability, and also as the de facto vectorA vector in computing, more precisely, when talking about malicious code such as viruses or worm, is the method this code uses to propagate itself or infect the computer. Some common vectors: buffer overflows HTML email with JavaScript or other scripting of wormA computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagats and virusIn computer security technology, a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents (for a complete definition: see below). Thus, a computer virus behaves in a way similar to a biologices. The Macintosh version, no longer under development, was less vulnerable.
As of late, Microsoft has talked of halting development on Outlook Express, but has not stopped support or use of the software with its WindowsImage use policy. Microsoft Windows is a range of commercial operating environments for personal computers. The range was first introduced by Microsoft in 1985 and eventually has come to dominate the world personal computer market. All recent versions of operating system.
