Drag and Drop URL

I am using Outlook Express.  
Today I got an update and I seem to have lost some functionality that I use constantly:

I view my email in text mode and when I get an email that has a URL, that URL is colored blue and is underlined.  As always I can click it and it opens an IE browser (or reuses one if it is already opened).

So here is the new change/problem:  
Rather then clicking that URL, I often DRAG it and drop it onto an open browser window.   It is a very convenient way to operate when I have multiple browsers open.

With this latest Windows Update, I have LOST that functionalite.  When I drag a URL over a browser window, the mouse cursor does not change to indicate a drop target and "dropping" has no effect.

I'm guessing that this is a recent change to plug a security hole.   What I want to know is if anybody else has noticed this and if there is a registry setting or something that I can change to get my computer back to the way I like it.

LVL 50
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DanRollinsAuthor Commented:
I just discovered that If I change my OE settings and uncheck
  Tools > Options > Read > Read all Messages in Plain text

then the drag-and-drop works as expected.  However, I'd still like to know if there is a way to make this work when viewing the emails in plain text.

Interesting , Dan

What OS and What OE version you have ?

I have windows xp (no Sp2) , OE 6 and IE 6.0 and checking " Read all messages in Plain text", it still works for me.
AFAIK, there has not been any latest update to OE 6 . Probably , I guess I should have got the latest update that you had got just time , sometime back , if we have the same version..


oops.. my previous statements last time was confusing, is it not.. Just got up..

If we are having the same version of OE then the latest update that you are talking about , I got it long time back. Well that should not affect anything. Just saying..
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Couple of other things

a) If you drag and drop an email address that might be part of the body of the email , does it open your default email client , like if you drag and drop the email address on to the address bar of IE, does it open OE or Outlook or whatever you are using as client

b) I am not sure if you would like this to do or want to do , if you know exactly which update would have caused it then research more on that update to see for known issues or post here so experts here can see , or if you donot know the security update or donot have enough research info on the bugs of the update , you may want to go to windows update page and see the latest updates you have done and going to add/remove programs and uninstall it to see if that helps in anyway

DanRollinsAuthor Commented:
Thanks for checkin here sunray_2003,

Version info:
   Windows 2K --  Version 5.0 (Build 2195; service Pack 4)
   OE says that it is 6.00.2800.1123
   IE says that it is  6.0.2800.1106 "Update Versions SP1; Q867801; Q823353; Q833989;

I am assuming that this is related to a Windows Update that just took effect.  The tray icon announced that it had a update available and then after installing, it (unusually) required a reboot.

I am not 100% certain that the change took place directly after the update, but I use that drag-URL technique so often that it must have happened *very* recently.

>>  If you drag and drop an email address ...
Even in http view in OE, I can only click email addresses (I don't recall ever being able to drag them)

>> if you know exactly which update ...

The Windows Update site says I got these updates yesterday:
    MS04-031: Vulnerability in NetDDE could allow remote code execution

    MS04-032: Security update for Microsoft Windows

    MS04-037: Vulnerability in Windows shell could allow remote code execution

    MS04-038: Cumulative Security Update for Internet Explorer

Plus there was this Hotfix to Media Player that looks like it might be related
    Update for Windows Media Player URL script command behavior

I'm hoping to find a registry setting to reverse the change, but if noithing like that pops up, I guess I'll try backing off the recent updates.  

I'm far from certain that would fix the problem -- I'm thinking that there was a security hole that was "fixed" by changing a pre-existing security policy or something like that.

-- Dan

I think the only difference between your case and what I have is that I have XP ..
I have got all the updates for OE and IE and still it works for me..

I shall research on these updates and check if I can find something. I am not real good at registry but I shall try to get some help on that too..

Uninstallation of
 MS04-038: Cumulative Security Update for Internet Explorer
should immediately prove if that is the culprit

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DanRollinsAuthor Commented:
That did the trick.
After uninstalling, the previous URL drag-and-drop behavior was restored.

I noticed that uninstalling restored many of the core TPC/IP and HTTP DLLs (such as WinInet.DLL).   Reading up on MS04-038, I see that I am back to being vulnerable to some sort of remote code execution attack.  However,  I am willing to "self-insure" -- take what is probably a tiny risk in exchange for a familiar convenience.  

These security issues are a balancing act.  If Microsoft does not react quickly and forcefully when somebody points out a vulnerability, they are attacked from all sides.   I can respect the need to be "over protective" but I do wish that they would be right up front about any loss of functionality that goes into effect when a breach is mended.

Thanks a lot for your help sunray_2000!

-- Dan

You are welcome.. Glad you got the function that you needed..

Seems to be a good day for me. I solved my own router issue with the help of Lrmoore.. Super day , Today

You can actually resolve this problem without uninstalling the update. You just have to lower the security restrictions on ActiveX components in the Internet security settings area in Outlook or Internet Explorer.
DanRollinsAuthor Commented:
Thanks General-Smirnov.
I have two pending updates from WindowsUpdate, but I've put off installing (re-installing) them because of this problem.

Can you tell me the specific places in Outlook Express and/or IE to make the changes (and the changes to make) after I install the updates?

-- Dan
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.