Security News > 2019 > June > Microsoft Outlook for Android Open to XSS Attacks
2019-06-21 19:50
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
News URL
https://threatpost.com/microsoft-outlook-android-xss/145924/
Related news
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Microsoft fixes bug causing Outlook freezes when copying text (source)
- Microsoft fixes bug causing Outlook to freeze when copying text (source)
- Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 5.4 |