Outlook needs a "sandbox" in which to execute scripts. There would be holes, but they could be patched as they came to light. The hacks only work until the next software update overwrites the changes.

>>You are so right about WSH. WSH is great. Outlook is the problem. The other problem is that Windows encourages users to run with full administrative privileges. If the user is reading email for a restricted user account, the viruses will only be able to execute with the privileges of that user.
>
>I have a friend who refers to Outlook as "Look Out!"< bg >
>
>I can, to some degree, understand the concern. However, it's a fairly simple registry hack to change the file associations to something like notepad, then blow away cscript.exe and wscript.exe if folks are really worried. This way you can't run scripts (which I think would be a loss), but at least you can programmatically access the objects from with another application like VFP.