Microsoft KB Archive/193748

= OLEXP: How to Ensure E-Mail Attachments Are from a Trusted Source =

Article ID: 193748

Article Last Modified on 1/23/2007

-

APPLIES TO


 * Microsoft Outlook Express 4.01
 * Microsoft Outlook Express 4.0
 * Microsoft Outlook Express 4.01
 * Microsoft Outlook Express 4.0
 * Microsoft Windows 98 Standard Edition

-



This article was previously published under Q193748



SUMMARY
This article describes how to ensure e-mail attachments you receive are from a trusted source.



MORE INFORMATION
If you receive an e-mail message with an attached program from an unknown source, you should try to obtain the program from the vendor instead of running the attached version. For example, if you receive an imposter e- mail message with an attachment that claims to update the version of Microsoft Internet Explorer or Outlook Express you are using, you should instead obtain the update (if it exists) from the Microsoft Windows Update site because you know it is from a trusted source.

To help prevent you from running a malicious program you receive as an e- mail attachment, Outlook Express uses Digital Code Signing. Digital Code Signing is a standard that helps ensure that files you download from the Internet or receive in e-mail are from trusted sources and have not been altered since their creation. When you attempt to download a file from the Internet or open an e-mail attachment, a check is performed to determine if the file is signed by the publisher and whether or not the certificate used to sign the code is valid. If you attempt to open an unsigned e-mail attachment, Outlook Express warns you that you are attempting to run an unsigned program.

For additional information about Digital Code Signing and security settings in Internet Explorer, please see the following article in the Microsoft Knowledge Base:

155444 Description of Digital Code Signing in Internet Explorer

Microsoft Windows 98 includes a tool called Microsoft Signature Verification Tool. You can use this tool to view files to determine if they are signed or unsigned files. A signed file is a file that has been given a digital signature by a certifying authority. For additional information about the Signature Verification tool, please see the following article in the Microsoft Knowledge Base:

185828 Description of the Signature Verification Tool

Additional query words: chain letters spam

Keywords: kbinfo KB193748

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.