Security News > 2019 > June > PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
2019-06-22 08:18
As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users. However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a cross-site
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/_YccFiboFKE/microsoft-outlook-vulnerability.html
Related news
- Microsoft fixes bug causing Outlook freezes when copying text (source)
- Microsoft fixes bug causing Outlook to freeze when copying text (source)
- Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft shares temp fix for Outlook crashing when writing emails (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 5.4 |