Security News > 2018 > April > Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
2018-04-12 08:32
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/66kSUkbqaU4/outlook-smb-vulnerability.html
Related news
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft fixes bug causing Outlook freezes when copying text (source)
- Microsoft fixes bug causing Outlook to freeze when copying text (source)
- Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-0950 | Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. | 6.5 |