You cannot customize Outlook Today after you install Critical Update 813489 for Internet Explorer

When you use the Outlook Today view in Outlook 2000, the Customize Outlook Today option does not work as expected.

This problem occurs after you install the Critical Update 813489 for Microsoft Internet Explorer. For additional information about the Critical Update 813489 for Internet Explorer, click the following article number to view the article in the Microsoft Knowledge Base:

Warning This article contains instructions to add a DWORD value in the registry. When you add the DWORD value, it partially disables the Critical Update 813489 for Internet Explorer. After you add the DWORD value, you can customized Outlook Today, but you will be vulnerable to an information-disclosure vulnerability that is related to the way that Internet Explorer handles encoded characters in a Web address (a Uniform Resource Locator [URL]). For more information about this vulnerability, see the "More Information" section of this article. Microsoft recommends that after you have customized Outlook Today, you remove the DWORD value, or you disable the DWORD value by setting it to 0 to help protect your computer from this vulnerability.

To work around this problem, partially disable the Critical Update 813489 for Internet Explorer, customize Outlook Today, and then enable the Critical Update 813489 for Internet Explorer.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base: To do this, follow these steps:

1. Quit Outlook 2000.
2. Click Start, click Run, type regedit in the Open box, and then click OK.
3. Locate and then click the following registry key:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Application Compatibility
4. Click Edit, click New, and then click DWORD Value.
5. Type Outlook.exe, and then press ENTER. This creates a new DWORD value named Outlook.exe.
6. With the new Outlook.exe DWORD value selected, click Edit, and then click Modify.
7. In the Value data box, type 1, and then click OK.
8. Quit Registry Editor.
9. Start Outlook 2000, and then go to the Outlook Today view.
10. Click Customize Outlook Today, and then customize the view as necessary.
11. Repeat steps 1 through 8. When you do step 8, set the Outlook.exe DWORD value to 0 instead of 1.

Note After you set the Outlook.exe DWORD value to 1 to partially disable the Critical Update 813489 for Internet Explorer, your computer is temporarily vulnerable to the vulnerability that is described in the "More Information" section of this article. When you use the Microsoft Baseline Security Analyzer tool (MBSA) to scan your computer for vulnerabilities, the MBSA Tool will not detect that the Critical Update 813489 for Internet Explorer has been partially disabled.

For more information, visit the following Microsoft Web site: Note The MBSA Web site always offers the most current version of the MBSA Tool.

How to export the Outlook.exe DWORD value with the value set to 1 and with the value set to 0

If you want to configure Outlook today regularly, you can export the Outlook.exe DWORD value with the value set to 1 and with the value set to 0. This permits you to export the appropriate registry value whenever you require the ability to customize Outlook Today. After you have customize Outlook Today, you can import the appropriate registry value to help protect your computer from the vulnerability that is described in this article.

To do this, follow these steps.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

1. Quit Outlook 2000.
2. Click Start, click Run, type regedit in the Open box, and then click OK.
3. Locate and then click the following registry key:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Application Compatibility
4. In the right pane of Registry Editor, locate and then click the Outlook.exe registry value. If the value has not already been created, create the value by using the steps that are listed in the "Workaround" section of this article.
5. With the new Outlook.exe registry value selected, click Edit, and then click Modify.
6. If the Value data box is not set to 1, type 1 in the box, and then click OK.
7. Click File, and then click Export.
8. In the File name box, enter a name that will help you remember the purpose of the registration file, for example type Not_Protected.
9. Select an appropriate folder to save the registration file, and then click Save. When you want to customize Outlook Today, locate the registration file that you saved in step 8, and double-click it to import the registry value. Now, you can customize Outlook Today.
10. Select the Outlook.exe registry value , click Edit, and then click Modify.
11. In the Value data box, type 0, and then click OK.
12. Click File, and then click Export.
13. In the File name box, enter a name that will help you remember the purpose of the registration file, for example type Protected.
14. Select an appropriate folder to save the registration file, and then click Save. When you have customized Outlook Today, and you want to help protect your computer from the vulnerability described in this article, locate the registration file that you saved in step 13, and then double-click it to import the registry value. Now, you cannot customize Outlook Today.
15. Quit Registry Editor.

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

This article discusses an information-disclosure vulnerability that might permit an attacker to craft a URL that contains some encoded characters. The encoded characters might redirect you to a second Web site. If you follow the URL, the attacker can gain the same access as you on the second Web site. This might permit the attacker to access any information that you share with the second Web site. For additional information about this vulnerability, click the following article number to view the article in the Microsoft Knowledge Base: This vulnerability was first documented in Microsoft Security Bulletin MS02-068. For additional information about this vulnerability, click the following article number to view the article in the Microsoft Knowledge Base:

For additional information about other articles the describe issues about how to customize Outlook Today, click the following article numbers to view the articles in the Microsoft Knowledge Base: