Microsoft has acknowledged that a bug in its Windows Live OneCare security suite has been causing users' email to vanish from Outlook and Outlook Express.

A fix will be pushed to users next week, for the bug which was first reported by users writing on a OneCare support message thread six weeks ago, said Microsoft. The bug seemed to be deleting Outlook and Outlook Express data - .pst and .dbx files, respectively - after a malware scan.

"The program did a scheduled update and then did the normal scan on my hard drive," Kevin Kimp wrote in an email to Computerworld. "The next time I opened Microsoft Outlook, I got a message stating that Outlook could not find the file outlook.pst. This program has done more damage to my computer and my business than any virus or spyware that I have ever had."

Other users reported similar behaviour with Outlook Express.

As of midday Tuesday, no solution had been posted to the forum, even though one moderator noted that the same problem had plagued an earlier version of OneCare nine months ago.

On Wednesday, Microsoft owned up to the bug. When OneCare's anti-virus scanner detects malicious code in an emailed file attachment, said the company, it may quarantine Outlook's or Outlook Express' data file, making it appear that all the messages have been erased.

"We are working to address an issue where the anti-malware engine for OneCare is erroneously quarantining Outlook .pst files or Outlook Express .dbx files, when the .pst file or .dbx file contains an infected attachment," a Microsoft spokesperson said. The fix will be included in the next scanning engine update, which is due to roll out on 13 March.
In the meantime, Microsoft said, users can recover a quarantined data file by following these instructions:

Close Outlook or Outlook Express.
Click "Change OneCare Settings" in the OneCare main screen.
Click on the "Viruses & Spyware" tab.
Click on the "Quarantine" button and then select the .pst or .dbx file.
Click "Restore."

To prevent OneCare from quarantining the data file between now and next week, Microsoft recommends that users exclude the .pst or .dbx files from scanning.

Click "Change OneCare Setting" in the main OneCare screen.
Click the "Viruses & Spyware" tab.
Click on the "Exclusions" button.
Click on the "Add folder" button.
Navigate to the folder containing the .pst or .dbx to be excluded, then click "Okay."

According to Microsoft, the bug affects Outlook 97 and Outlook 2000, as well as Outlook Express running on Windows XP.

OneCare has fared poorly in recent weeks. Last Thursday, The AV Comparatives website rated OneCare as the least effective anti-virus defender out of 17 programs. In February, Microsoft had to patch the malware scanning engine in OneCare - and its other security products - to make sure attackers could not hijack PCs by feeding them malformed PDF files.