You just can't open it in Outlook Express, neither in the preview pane nor in a window. Other email programs that don't rely on the Windows HTML rendering engine should work just fine. The "patch" doesn't prevent Thunderbird and the text-only email notifier program I use called PopTray from opening mail. So, if one is not using an MS email client, it's not that drastic.
As far as HTML help is concerned, I've yet to have a problem after applying Merijn's "patch." But I'm still testing at this point.
On the computer here I have 3 email programs installed: 2 clients (Outlook Express and Thunderbird), and 1 notifier (PopTray). I will uninstall Outlook Express eventually, but my partner, who also uses this computer, is still getting used to Firefox and isn't reading for me to cut the OE cord.
Here's what happens in the three email programs:
1) Outlook Express is set to read messages as text only and to use the Restricted Zone settings. With Merijn's patch enabled along with these settings, Outlook Express will download mail and display the "envelopes," by which I mean the information in the upper pane ("From," "Subject," "Received," etc.) However, the lower, preview pane (if enabled) is blank. The message is not displayed when opened, either.
2) Thunderbird is also set to read messages at text only. With Merijn's patch enabled, it is still possible to preview and open all messages.
3) PopTray has only one setting: read in text only. With Merijn's patch enabled, it is possible to preview messages as well.
Conclusions: Outlook Express uses the Windows HTML rendering engine to display messages even when "text only" mode is selected. Thunderbird does not rely on the MS engine to display messages; that's why it's not affected by Merijn's patch. PopTray also does not rely on the MS engine (in fact, I wasn't completely sure about that before this test, but then again I rarely use the preview function of the program).
The interest of Merijn's patch for me is that it provides a GUI for changing active scripting settings in the Local Machine zone. Who will argue that it is not prudent to lock down IE as much as possible? Well, if one is relying on the MS HTML engine only for Windows Update, why not restrict the Local Machine zone as well as the other zones?
Read more + screenprint HERE
BugOff! From Merijin, creator of HiJackTHis, CWShredder, and more.
"A new app is available for download: BugOff. This disables a few exploits that are commonly used by browser hijackers to install themselves onto your system. In essence, it prevents such hijackers from ever installing, like SpywareBlaster.
There are no patches available from Microsoft for these exploits. Even if your system is fully up to date from WindowsUpdate you are vulnerable! This app should be used by everyone that uses Internet Explorer to browse the web. "
"Browser hijackers use a variety of methods to trick the user into installing them, but a growing
part of them uses vulnerabilities in Internet Explorer instead to install completely silent. Since
some of these exploits have NOT been patched by Microsoft yet, this app provides a
temporary solution for these vulnerabilities, by disabling the vulnerable Windows components."