Security News

Microsoft shared a workaround for Outlook Desktop blocking attempts to open IP address or fully qualified domain name hyperlinks after installing this month's security updates. "Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023," the company says.

Microsoft will retire the Windows Mail and Calendar applications on Windows 10 and Windows 11 at the end of the year, first auto-migrating users to the new Outlook for Windows app in August. Initially developed for Windows 10, Windows Mail and Calendar are built-in Windows applications that provide an easy-to-use application for retrieving your email and scheduling events, tasks, and appointments.

According to cloud security company Wiz, the inactive Microsoft account consumer signing key used to forge Azure Active Directory tokens to gain illicit access to Outlook Web Access and Outlook.com could also have allowed the adversary to forge access tokens for various types of Azure AD applications. Wiz's analysis fills in some of the blanks, with the company discovering that "All Azure personal account v2.0 applications depend on a list of 8 public keys, and all Azure multi-tenant v2.0 applications with Microsoft account enabled depend on a list of 7 public keys."

Microsoft is having a rough week with troubles including an Outlook.com bug that prevented some email users from searching their messages for several hours on Thursday, and a Teams flaw that allows people to send phishing emails and malware to other Teams users. While the Outlook.com bug borking users' email was certainly an annoying inconvenience, perhaps a bigger problem is the Teams weakness.

Microsoft is investigating an ongoing issue preventing Outlook.com users from searching their emails and triggering 401 exception errors. "Our initial review of Outlook.com server logs, in parallel with HTTP Archive format logs captured during an internal reproduction of impact, indicates 401 errors are occurring due to an exception when users attempt to perform the search," Microsoft says on the service health portal.

Microsoft is investigating an ongoing issue preventing some customers from accessing their Exchange Online mailbox through Outlook on the web. While Microsoft says this outage only impacts the North American region, user reports show that the issue might also affect users in South America.

Network and IT admins have been dealing with ongoing Microsoft 365 issues this week, reporting that some end users cannot use Microsoft Outlook or other Microsoft 365 apps. The issues started Monday, with numerous admins contacting BleepingComputer to say that some of their users are experiencing disruptive issues in Microsoft Outlook, with the program not opening, freezing after opening, seeing delays in mail delivery, or errors saying there is no valid license associated with the user.

Microsoft is working to address a known issue affecting Outlook for Microsoft 365 customers, causing slow starts and freezes as if Offline Outlook Data Files are being synced right after launch. Users will see errors saying, "Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. The attempt to log on to Microsoft Exchange has failed."

"These attacks likely rely on access to multiple virtual private servers in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday.Redmond said it further observed the threat actor launching layer 7 DDoS attacks from multiple cloud services and open proxy infrastructures.

Microsoft has confirmed that recent outages to Azure, Outlook, and OneDrive web portals resulted from Layer 7 DDoS attacks against the company's services. The outages occurred at the beginning of June, with Outlook.com's web portal targeted on June 7th, OneDrive on June 8th, and the Microsoft Azure Portal on June 9th. Microsoft did not share at the time that they were suffering DDoS attacks but hinted that they were the cause, stating for some incidents that they were "Applying load balancing processes in order to mitigate the issue."