Security News > 2019 > June > PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
2019-06-22 08:18
As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users. However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a cross-site
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/_YccFiboFKE/microsoft-outlook-vulnerability.html
Related news
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
- Microsoft says button to restore classic Outlook is broken (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft fixes button that restores classic Outlook client (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 5.4 |