Security News > 2018 > April > Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

2018-04-12 08:32
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/66kSUkbqaU4/outlook-smb-vulnerability.html
Related news
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Microsoft shares workaround for Windows security update issues (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-12 | CVE-2018-0950 | Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. | 6.5 |