Results 1 to 6 of 6
  1. #1
    5 Star Lounger Vincenzo's Avatar
    Join Date
    Mar 2004
    Posts
    654
    Thanks
    95
    Thanked 14 Times in 13 Posts

    Is Preview Pane still a risk?

    Will Outlook run active content in emails viewed in the preview pane? In other words, can you get infected by viewing (not opening attachments) a malicious email? I know it longer opens graphics to protect privacy, but what about infection concerns?

    Thanks

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Starting in Outlook 2007, HTML messages are rendered using code derived from Word rather than using the Internet Explorer rendering engine. This significantly reduces the types of "active content" that will run in either the Reading Pane or when the message is viewed in full. But is it completely safe? I'm not sure anyone can say that.

  3. #3
    5 Star Lounger Vincenzo's Avatar
    Join Date
    Mar 2004
    Posts
    654
    Thanks
    95
    Thanked 14 Times in 13 Posts
    OK thanks for the info.

    My concern then is that if the content is being rendered rather than viewed as plain text, that there is a chance that malicious content could deliver its payload. I've looked around a bit, can't seem to find any definitive answer, just a lot of conjecture.

    Thanks

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Plain text will always be safest. The problem with assessing the risk is that attackers keep discovering little security flaws in HTML rendering engines, several times a year, so there will always be some level of exposure.

  5. #5
    5 Star Lounger Vincenzo's Avatar
    Join Date
    Mar 2004
    Posts
    654
    Thanks
    95
    Thanked 14 Times in 13 Posts
    My experience shows a lot of people that use the preview pane. Yet I rarely if ever read about it being a security risk anymore, so I am uncertain if I should warn people that I come across who use it.

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by Vincenzo View Post
    I am uncertain if I should warn people that I come across who use it.
    If they have a decent spam and virus filter, then I wouldn't bother warning them about it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •