Critical Bug in Outlook 2007

I’ve recently stumbled on a bug in Outlook 2007. Apparently it is quite well known and the only reason that I hadn’t found it was that I don’t use Outlook as my main email client. In fact I only use email on it to handle meeting requests.

The bug is that Outlook 2007 ignores the setting regarding sending reply requests for IMAP accounts.

If this seems rather irrellivant to you, you might want to think again.

If you have an email account that receives SPAM and you access it via IMAP, Outlook 2007 will ignore your setting for reply requests (the setting is defaulted to prompt). Since many SPAM emails have reply requested turned on, you will suddenly find that Outlook is trying to send a whole load of email messages that do not appear in any folder! You haven’t been asked, it is just doing it.

This is bad enough as you are now leaking information about your account out onto the Internet – but it gets worse!

Outlook does not send the replies out using the account that recieved the SPAM, it sends them out from the DEFAULT account.

So if you have, lets say for example, a work account that doesn’t recieve significant SPAM and is your default account in Outlook. Then you have a second, personal account perhaps, that does recieve significant SPAM. You will suddenly find that Outlook is sending hidden emails from your work account – these are the reply responses from your personal account. Now you are leaking information about your work account.

Now, there is a new, big update to Outlook 2007 that has just been released. It is not yet on Windows Update but Microsoft are touting it as the biggest and best set of updates for Outlook ever – see Jimmy May’s blog post for more information. Sadly though, despite the hype, the new update does not fix this critical bug.

The update – which will be part of the Service Pack 2 (SP2) for Office 2007 – certainly does vastly speed up the operation of Outlook 2007 so there is some good news.


Technorati : , , , , ,
Diigo Tag Search : , , , , ,