Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows Net Apps :: bt1204.txt

Outlook security updates not stopping Swen

(posted to dshield also)
For all of you who have been flooded with Swen emails.  I've gone around
a few times over the last few days with a combination of ISA server,
outlook and Norton not being able to stop the latest Microsoft-hoax swen
virus email.  Here is what I came up with:

I just tested a win 98 system and a win XP Pro system after installing
the latest office service pack and security updates.

On the win98 system Outlook would still trigger the swen .exe attachment
from just the email preview and doesn't filter any dangerous file
extension attachments as its supposed to.

Installing the same service packs and security patches on the xp pro
machine, running the same version of office, fixed the problem.  The
default dangerous file extension attachments are stripped out of the

On the win98 system I had to go in to the registry and add the Level1Add
string value (along with a few preceding registry keys) and manually add
all of the extensions I want to be filtered.  This looks like it took
care of the problem as I've sent myself a few .exe and .com files that
have been stripped out.

See article:;EN-US;312834

To see the recommended list of file extensions to block if you also need
to add these by hand see article:

and scroll down to "Attachment Behavior".

It strikes me as surreal that Microsoft releases a security update to
fix a bug, which security update itself has a bug and another update web
page on how to manually fix it.  Couldn't they go back and re-release a
working version of their original security update?!


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH