[AccessD] Outlook 2K automation warning

Charlotte Foust cfoust at infostatsystems.com
Wed Jan 19 14:47:53 CST 2005


They "broke" it by plugging a security hole.  I can't think of any way
for the machine to know wether a particular instance of a program trying
to use Outlook is legitimate or not.  There a web bugs that can "phone
home" and trojans that can use your machine in a DDOS attack, which
leaves *you* liable.  Which aggrevation would you prefer? 

Charlotte Foust


-----Original Message-----
From: Joe Rojas [mailto:JRojas at tnco-inc.com] 
Sent: Wednesday, January 19, 2005 12:21 PM
To: 'Access Developers discussion and problem solving'
Subject: RE: [AccessD] Outlook 2K automation warning


You got to be kidding me. Microsoft intentional broke any application
that uses the OOM and provides no mechanism as a means to bypass
legitimate application?

JR

-----Original Message-----
From: Charlotte Foust [mailto:cfoust at infostatsystems.com]
Sent: Wednesday, January 19, 2005 12:43 PM
To: Access Developers discussion and problem solving
Subject: RE: [AccessD] Outlook 2K automation warning

Welcome to the wonderful world of Big Brother security!  Take a look in
the archives for discussions on the use of Redemption or ClickYes for
Outlook security madness.

Charlotte Foust


-----Original Message-----
From: Jim DeMarco [mailto:Jdemarco at hudsonhealthplan.org]
Sent: Wednesday, January 19, 2005 9:30 AM
To: Access Developers discussion and problem solving
Subject: [AccessD] Outlook 2K automation warning


List,

Our valiant notwork guys installed Outlook 2K sp-3 on a machine here.
This machine has Outlook code that traps the NewMail event then stores
certain messages to a help desk Access database.  Ever since they
installed the SP we're getting popups on every mail that arrives in our
admin person's Inbox requiring her intervention.  The dialog reads:

<annoying_popup>
A program is trying to access e-mail addresses you have stored in
Outlook. Do you want to allow this?

If this is unexpected, it may be a virus and you should choose "No".
</annoying_popup>

It then asks for how long access should be provided.

Is there any way to get rid of this popup? This admin person does all
the admin for our dept. and gets a lot mail and is quite fed up with
clicking past this thing (she also has to select a check box on the
dialog to continue).

I tried removing the code and writing it into a stand-alone VB app that
traps the NewMail event figuring it was the presence of Macros that
caused it but no luck.

TIA,

Jim DeMarco
Director Application Development
Hudson Health Plan
Tarrytown, NY



************************************************************************
***********
"This electronic message is intended to be for the use only of the named
recipient, and may contain information from Hudson Health Plan (HHP)
that is confidential or privileged.  If you are not the intended
recipient, you are hereby notified that any disclosure, copying,
distribution or use of the contents of this message is strictly
prohibited.  If you have received this message in error or are not the
named recipient, please notify us immediately, either by contacting the
sender at the electronic mail address noted above or calling HHP at
(914) 631-1611. If you are not the intended recipient, please do not
forward this email to anyone, and delete and destroy all copies of this
message.  Thank You".
************************************************************************
***********

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com



This electronic transmission is strictly confidential to TNCO, Inc. and
intended solely for the addressee. It may contain information which is
covered by legal, professional, or other privileges. If you are not the
intended addressee, or someone authorized by the intended addressee to
receive transmissions on behalf of the addressee, you must not retain,
disclose in any form, copy, or take any action in reliance on this
transmission. If you have received this transmission in error, please
notify the sender as soon as possible and destroy this message. While
TNCO, Inc. uses virus protection, the recipient should check this email
and any attachments for the presence of viruses. TNCO, Inc. accepts no
liability for any damage caused by any virus transmitted by this email.
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com



More information about the AccessD mailing list