Security News

Guardicore security researcher Amit Serper has discovered a severe design bug in MIcrosoft Exchange's autodiscover - a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak nearly 100,000 unique login names and passwords for Windows domains worldwide, Serper said in a technical report released this week.

Microsoft's autodiscover process can include numerous different steps, as explained in its own Autodiscover documentation, and different apps may use slightly different variants on the Microsoft's central theme. The researchers claim that over the next four months, they collected more than 1,000,000 unsolicited and unexpected autodiscover requests, of which a significant minority included authentication tokens or plaintext passwords that could, in theory, give access to the leaked accounts.

Microsoft is investigating several issues impacting Outlook customers and leading to problems related to security keys, search results, and more. "Adding a Gmail account to Outlook while using a security key for 2-step verification causes this error: This browser does not support security keys," Microsoft revealed on its list of recent issues in Outlook for PC. Redmond is also looking for a fix to address reports of search results for Outlook Suggested Searches being inaccurate, incomplete, or missing.

SAP announced its financial results for the second quarter ended June 30, 2021. "We're seeing strong adoption of our cloud portfolio as customers select SAP for their business transformation. Our strategy is working; This is the third straight quarter of strong execution, and we continue to deliver unparalleled customer value through the strength of our platform and applications," said Christian Klein, CEO. "This has been another strong quarter with accelerating growth for SAP's cloud portfolio. We saw excellent customer momentum and adoption and are raising our outlook for revenue and profit," said Luka Mucic, CFO. Business update second quarter 2021.

Microsoft will roll out a fix for a known issue causing Outlook for Microsoft 365 to crash on systems where users attempted using the Search bar or Search Suggestions features. As Microsoft describes the issue, "If you attempt to use the"Search" bar within Outlook, the application will shut down.

Microsoft released the July 2021 non-security Microsoft Office updates with improvements and fixes for crashes and issues affecting Windows Installer editions of Office 2016 products. One week ago, Microsoft resolved issues and updated features for Microsoft 365 Apps for enterprise, Microsoft 365 Apps for business, and the subscription versions of the desktop apps for Project and Visio.

Microsoft has fixed a known issue causing Microsoft 365 to experience authentication issues when logging into desktop client apps like Microsoft Teams, OneDrive for Business, and Microsoft Outlook. If restarting the affected systems doesn't allow logins, customers are also advised to use the web versions of Microsoft Teams, OneDrive for Business, and Outlook.

Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients' inboxes and being sent their junk folders instead. "We're investigating an issue in which email is being sent to the junk folder," Microsoft shared on the company's Microsoft 365 Status Twitter account. The Microsoft 365 Service health status page is currently directing customers to the Microsoft 365 Status Twitter account for more details regarding this ongoing incident.

A recent Windows 10 1909 cumulative update prevents Microsoft 365 desktop users from logging into Microsoft Teams, Microsoft Outlook, and Microsoft OneDrive for Business. This issue is caused by the Windows 10 1909 KB5003169 cumulative update released last week as part of the May 2021 Patch Tuesday updates.

A Microsoft Outlook update released today for the desktop client introduced bugs that prevent users from creating or viewing mail. In an incident status message in the Microsoft 365 Admin Center titled 'EX255650: Issue affecting viewing email content in Outlook', Microsoft states that they have identified the root cause of the issue and released a fix.