Microsoft has acknowledged that a bug in its Windows Live OneCare security suite has been causing users' email to vanish from Outlook and Outlook Express.
The company said a fix is in the works and will be pushed to OneCare users next week.
The OneCare bug, first reported by users writing on a OneCare support message thread six weeks ago, seemed to be deleting Outlook and Outlook Express data files – .pst and .dbx files, respectively – after a malware scan.
"The programme did a scheduled update and then did the normal scan on my hard drive," user, Kevin Kimp said. "The next time I opened Microsoft Outlook, I got a message stating that Outlook could not find the file outlook.pst. This programme has done more damage to my computer and my business than any virus or spyware that I have ever had."
Other users reported similar behaviour with Outlook Express.
As of midday Tuesday, no solution had been posted to the forum, even though one moderator noted that the same problem had plagued an earlier version of OneCare nine months ago.
The next day, Microsoft owned up to the bug. When OneCare's antivirus scanner detects malicious code in an emailed file attachment, it may quarantine Outlook's or Outlook Express' data file, making it appear that all the messages have been erased, said the company.
"We are working to address an issue where the anti-malware engine for OneCare is erroneously quarantining Outlook .pst files or Outlook Express .dbx files, when the .pst file or .dbx file contains an infected attachment," a Microsoft spokesperson said. The fix will be included in the next scanning engine update, which is due to roll out 13 March.
In the meantime, Microsoft said, users can recover a quarantined data file by following these instructions:
- Close Outlook or Outlook Express
- Click "Change OneCare Settings" in the OneCare main screen
- Click on the "Viruses & Spyware" tab
- Click on the "Quarantine" button and then select the .pst or .dbx file
- Click "Restore"
To prevent OneCare from quarantining the data file between now and next week, Microsoft recommends that users exclude the .pst or .dbx files from scanning.
- Click "Change OneCare Setting" in the main OneCare screen
- Click the "Viruses & Spyware" tab
- Click on the "Exclusions" button
- Click on the "Add folder" button
- Navigate to the folder containing the .pst or .dbx to be excluded, then click "OK"
According to Microsoft, the bug affects Outlook 97 and Outlook 2000, as well as Outlook Express running on Windows XP.
OneCare has fared poorly in recent weeks. Last Thursday, The AV Comparatives Web site rated OneCare as the lease effective antivirus defender out of 17 programmes. In February, Microsoft had to patch the malware scanning engine in OneCare – and its other security products – to make sure attackers could not hijack PCs by feeding them malformed PDF files.