I get warnings about a program accessing e-mail address information or sending e-mail on my behalf

In many cases, you can prevent these Microsoft Office Outlook 2007 security warnings by installing antivirus software and ensuring that it is updated regularly. This article explains why the security warnings appear and what the conditions must be to not get them.

In this article


Symptoms

One of the following security warnings appear:

  • A program is trying to access e-mail address information stored in Outlook. If this is unexpected, click Deny and verify your antivirus software is up-to-date.
  • A program is trying to send an e-mail message on your behalf. If this is unexpected, click Deny and verify your antivirus software is up-to-date.
  • A program is trying to perform an action that may result in an e-mail message being sent on your behalf. If this is unexpected, click Deny and verify your antivirus software is up-to-date.

Top of Page Top of Page

Cause

These security warnings appear when a program attempts to access your contact information in the Outlook Address Book, or attempts to send e-mail on your behalf. By default, only COM add-ins (COM add-in: A supplemental program that extends the capabilities of a Microsoft Office program by adding custom commands and specialized features. COM add-ins can run in one or more Office programs. COM add-ins use the file name extension .dll or .exe.) are trusted programs. Your e-mail administrator may have allowed only specific add-ins by adding them to a "Trusted add-ins" list. Any other program is not trusted, and a security warning appears because of the potential risk that the program is malicious and designed to use Outlook to spread viruses. Before this safeguard was put in place, viruses such as Melissa and ILOVEYOU were able to access Outlook and spread by sending messages to the people listed in Contacts.

Programs that start automatically    It is possible that the program started automatically. For example, a program tries to automatically send an e-mail message by using the Item.Send method in the Outlook object model.

Programs that you start    It is also possible that you started the program. For example, you are using a program to synchronize your PDA or mobile device with Outlook data.

Top of Page Top of Page

Resolution

Resolve this security warning

  • If you did not expect a program to access Outlook, or if you are not sure whether the program attempting to access Outlook is trustworthy, click Deny.
  • If you clicked a command or started a program that you know is supposed to access Outlook data or send e-mail messages using Outlook, and you consider the program to be trustworthy, do one of the following:
    • Click Allow.
    • If you are prompted to allow access to recipient information, select the Allow access for check box, click the amount of time that you want to grant access for, and then click Allow.

 Note   You should pick the least amount of time necessary for the other program to access your Outlook data. If the program needs additional time, the security warning will appear again.

Prevent this security warning from appearing again

Under certain conditions, installing an antivirus program and keeping it updated regularly might prevent this security warning from appearing again. The conditions are as follows:

  • Your antivirus software must be compatible with Microsoft Windows XP Service Pack 2 (SP2). Check with your antivirus software vendor.
  • Your antivirus software must be updated regularly. Most antivirus programs enable you to get automatic updates when you are online. Check with your antivirus software vendor.
  • Your antivirus software is configured to share its update status with other applications. Typically, antivirus programs share their update status with other applications by default. To check the update status setting, look in the preferences or options for your antivirus program, or check with your antivirus software vendor.

 Notes 

  • Office Outlook 2007 relies on the Windows Security Center to check for the presence of the antivirus program and update its status.
  • If your antivirus software subscription expires or has been inactive, you might get the security warning again when a program attempts to access Outlook.

View security settings in the Trust Center

The Programmatic Access security settings in the Trust Center provide the following options:

  • Warn me about suspicious activity when my antivirus software is inactive or out-of-date (recommended)     This is the default setting in Office Outlook 2007. Suspicious activity refers to an untrusted program attempting to access Outlook.
  • Always warn me about suspicious activity     This is the most secure setting and you will always be prompted to make a trust decision when a program attempts to access Outlook.
  • Never warn me about suspicious activity (not recommended)     This is the least secure setting.

To view these settings, do the following:

  1. On the Tools menu, click Trust Center.
  2. Click Programmatic Access.

 Notes 

  • If your computer is managed by a Microsoft Exchange administrator or a Microsoft Windows Active Directory Domain Services administrator in your organization, and the administrator changes the default setting and prevents users from making changes, the option to customize the Programmatic Access security settings will be disabled.
  • If your computer is not managed by an Exchange administrator or a Microsoft Windows Active Directory Domain Services administrator, and you are the Windows administrator of your computer, you can change the Programmatic Access security settings. However, this is not recommended.

Top of Page Top of Page

 
 
Applies to:
Outlook 2007