Security News
Microsoft has fixed an issue causing some Microsoft 365 users' Outlook desktop clients to stop connecting to email servers via Exchange ActiveSync. Exchange ActiveSync is a synchronization protocol used by Microsoft Exchange to allow users to access their email, calendar, contacts, and tasks.
Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View.Unauthenticated attackers can exploit CVE-2024-21413 remotely in low-complexity attacks that don't require user interaction.
Microsoft updated a security advisory today to warn that a critical Outlook bug was exploited in attacks as a zero-day before being fixed during this month's Patch Tuesday. Unauthenticated attackers can exploit CVE-2024-21413 remotely in low-complexity attacks that don't require user interaction.
2024 is expected to witness a surge in cyberattacks driven by global events and the widespread accessibility of advanced technologies. In this Help Net Security round-up, we present segments from previously recorded videos where cybersecurity experts discuss predictions for 2024, providing a comprehensive perspective on the challenges and opportunities awaiting organizations.
Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update."After updating to Version 2401 Build 17231.20182 Outlook stops connecting when using the Exchange ActiveSync protocol," Microsoft said.
Microsoft is investigating an issue that triggers Outlook security alerts when trying to open. ICS calendar files after installing December 2023 Patch Tuesday Office security updates.
Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. "For Outlook 2013 and Outlook 2016, if you are still seeing authentication prompts, please ensure you've enabled two step verification and create an app password. Use the app password in place of your normal password when Outlook prompts for authentication."
Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account. "Since starting around 1/23/24 users have reported issues connecting with Outlook 2013, Outlook 2016, Outlook for Microsoft 365, Thunderbird, and mobile email apps when connecting with POP, IMAP, and Exchange connections," Microsoft says.
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked...
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans...