Security News > 2018 > April > Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
2018-04-12 08:32
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/66kSUkbqaU4/outlook-smb-vulnerability.html
Related news
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft says having a TPM is "non-negotiable" for Windows 11 (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft fixes bug causing Outlook freezes when copying text (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-0950 | Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. | 6.5 |