Intranet with Safe Zones for automatic picture downloads must be configured.

Description

<VulnDiscussion>Malicious e-mail senders can send HTML e-mail messages with embedded Web beacons, which are pictures and other content from external servers that can be used to track whether recipients open the messages. Viewing e-mail messages with Web beacons in them provides confirmation that the recipient's e-mail address is valid, which leaves the recipient vulnerable to additional spam and harmful e-mail. By default, Outlook does not download external content in HTML e-mail messages from untrusted senders over the local intranet. If this configuration is changed, Outlook will display external content in all HTML e-mail messages received via the local intranet, which could include Web beacons. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls></IAControls>