This article is a good status of the kinds of security attacks happening in 2005.
Security is very important for the Outlook Express team and a high priority when we pick features.
OE Security improvements in XP SP2:
- AES: Security Checks when launching attachments found in email. Details: UI and technical.
- Blocked External Images/Content: This gives users privacy when they read email. The sender can’t use URLs that allow him/her to find out if and when the receiver read the message.
- HTML Security: We disabled various features of HTML that aren’t used in normal emails, IFRAMEs for example.
- Code Hardening: We made a security pass to improve Defense in Depth (See Writing Secure Code, strsafe.h, TMAs, and Microsoft Trustworthy Computing)
Windows Mail Security improvements in Windows Vista betas (as of 1/1/2006):
- Spam Filter: Outlook Express now includes the same spam filtering engine as is used by Hotmail and Outlook.
- Code Hardening: As part of Trustworthy Computer, Microsoft has built a large set of tools to analyze code for ways to add additional layers of security and harden code. Security has been a big focus across Vista.