IE 11 is not supported. For an optimal experience visit our site on another browser.

Security-conscious NASA tightens e-mail policy

Even as it prepares for its first nighttime shuttle launch in four years, NASA has clamped down on its computer network policies, due to security concerns raised about documents sent as e-mail attachments.

Even as it prepares for its first nighttime shuttle launch in four years, NASA has clamped down on its computer network policies, due to security concerns raised about documents sent as e-mail attachments.

Shuttle planners were reportedly adjusting their e-mail routines to accommodate the new network limits, and the policy change wasn't expected to impact plans to launch the shuttle Discovery on its 12-day mission to the international space station. Liftoff is scheduled at 9:35 p.m. ET Thursday, although unacceptable weather conditions could force a postponement.

Representatives at NASA Headquarters told MSNBC.com on Thursday that the new limits would block the receipt of Microsoft Word documents coming in to the space agency's core computer network as e-mail attachments. (MSNBC.com is a joint venture of Microsoft and NBC Universal.)

The limits were instituted Wednesday night in response to an advisory from Microsoft that such attachments could be used maliciously to gain unauthorized access to the network, said Grey Hautaluoma, a spokesman at NASA Headquarters.

"There is that concern right now," Hautaluoma said. "We're working around it."

NASASpaceFlight.com, an independent online news outlet, reported that a memo went out from shuttle program manager Wayne Hale asking his team to assess whether the limits might have a "severe mission impact."

Jennifer Tharpe, an information specialist at NASA's Kennedy Space Center in Florida, told MSNBC.com that the shuttle team determined the workarounds would be sufficient for operations during Discovery's flight.

“It is a precautionary measure,” Tharpe said of the e-mail limits. “Typically, we don’t discuss matters of IT security. But it has no operational impact on the shuttle launch. There are several workarounds, and it’s just not an issue.”

Speaking privately, one NASA manager said in an e-mail that the limits would not affect documents being sent internally, but they could affect notes sent to NASA workers as attachments by outside contractors, such as United Space Alliance. In such cases, alternate measures could be taken — for example, copying the text out of the Word file and pasting it into an e-mail message.

In a security advisory issued Tuesday, Microsoft said a malicious hacker could use the Word vulnerability to take control of an unsuspecting user's computer. The company said the problem applies to versions of Microsoft Word sold from 2000 through 2006 — but not Microsoft Word 2007, which is currently available only to businesses.

To fall prey, a computer user would have to open a Word document attached to an e-mail. Microsoft advised users to reject unsolicited attachments even if they appeared to come from friends and colleagues.

Microsoft says is investigating the vulnerability but has not yet announced a fix.

Another type of computer concern, related directly to the space shuttle fleet, could affect the timing of Discovery's mission: In the past, the shuttle's computer system has not been programmed to handle the changeover from Dec. 31 to Jan. 1 as other computers do. For that reason, NASA has avoided launching shuttles near the end of the year — and NASA would prefer to avoid the changeover for this mission as well. That's why Discovery's launch window is currently slated to close Dec. 17.

NASA has developed workarounds for the year-end problem, but they have not yet been fully tested. Nevertheless, if launch is delayed past Dec. 17, the space agency may consider going ahead with a later liftoff and using the workarounds.

NBC News space analyst James Oberg contributed to this report.