Security News

Microsoft Outlook bug blocks email logins, causes app crashes
2024-10-10 15:18

Microsoft is investigating an Outlook bug causing desktop app crashes, high system resource usage, and preventing users from logging into their accounts. [...]

Microsoft fixes Outlook email sending issue for users with many folders
2024-10-01 20:22

​Microsoft has fixed a known issue affecting Outlook for Microsoft 365 users that caused problems sending emails for those with too many nested folders. [...]

Microsoft shares workaround for Outlook crashing after opening
2024-08-16 22:30

​​​​Microsoft has shared a workaround for a known issue affecting Microsoft 365 customers and causing classic Outlook to crash after opening or when starting up in Safe mode. [...]

Microsoft shares temp fix for Outlook, Word crashes when typing
2024-08-15 13:55

​Microsoft has shared a temporary fix for a known issue that causes Microsoft 365 apps like Outlook, Word, and OneNote to unexpectedly crash while typing or spell-checking a text. [...]

Microsoft shares Outlook workaround for Gmail sign-in issues
2024-08-12 16:55

​​Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from signing in or adding Gmail accounts using classic Outlook. [...]

Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net
2024-08-07 13:23

Researchers say cybercriminals can have fun bypassing one of Microsoft's anti-phishing measures in Outlook with some simple CSS tweaks. William Moody, IT security consultant at Certitude, blogged today about how First Contact Safety Tip - a banner displayed in Outlook when a user receives a message from an address that typically doesn't contact them - can be hidden using CSS style tags.

Users call on Microsoft to update Outlook's friendly name feature
2024-08-06 12:18

Users are urging Microsoft to rethink how it shows sender email addresses in Outlook because phishing criminals are taking advantage, using helpful, friendly names to serve up emails loaded with malicious intent. Outlook will helpfully show the friendly name if it can rather than the actual address of the sender.

New Specula tool uses Outlook for remote code execution in Windows
2024-07-29 21:44

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. This C2 framework works by creating a custom Outlook Home Page using WebView by exploiting CVE-2017-11774, an Outlook security feature bypass vulnerability patched in October 2017.

Microsoft finally fixes Outlook alerts bug caused by December updates
2024-07-16 12:17

Microsoft has finally fixed a known Outlook issue, confirmed in February, which was triggering incorrect security alerts after installing the December security updates for Outlook Desktop. The company acknowledged the bug in early February after many Microsoft 365 users reported seeing unexpected warnings that "This location may be unsafe" and "Microsoft Office has identified a potential security concern" when double-clicking ICS calendar files.

Microsoft: New Outlook security changes coming to personal accounts
2024-06-15 14:12

Microsoft has announced new cybersecurity enhancements for Outlook personal email accounts as part of its 'Secure Future Initiative,' including the deprecation of basic authentication by September 16, 2024. The software giant also announced the end of support for 'Mail' and 'Calendar' apps on Windows, the deprecation of Outlook Light, and removing users' ability to access Gmail accounts via Outlook.com.