Security News

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Microsoft has acknowledged an issue triggered by a Windows 10, version 21H2 security update released during the December 2021 Patch Tuesday that leads to search issues in Outlook for Microsoft 365. "After you install update KB5008212, recent emails may not appear in search results," Microsoft explained in a recently published Office support document.

Researchers have uncovered a previously unknown malicious IIS module, dubbed Owowa, that steals credentials when users log into Microsoft Outlook Web Access."The particular danger with Owowa is that an attacker can use the module to passively steal credentials from users who are legitimately accessing web services," he explained.

A new phishing campaign analyzed by email security provider Avanan exploits a key feature in Microsoft Outlook. To use Outlook against its users, hackers simply start by devising a phishing email that appears to be sent from an actual person.

Microsoft has shared a solution for Outlook users who have been experiencing search issues after upgrading to Windows 11. "This issue will happen with any account where the emails and other items are stored locally in PST or OST files such as POP and IMAP accounts," Microsoft says on its list of recent issues impacting Outlook for PC. "For Exchange and Microsoft 365 hosted accounts, this issue will affect offline search for the data in the locally stored OST files."

Microsoft has released the optional KB5005611 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. This update fixes bugs in Microsoft Outlook and makes it easier to mitigate the PrintNightmare vulnerability. This cumulative update is part of Microsoft's September 2021 monthly "C" update, allowing Windows users to test the upcoming fixes before they are automatically deployed in the forthcoming October 2021 Patch Tuesday.

" Guess what? iOS 12 wasn't dead, it was just resting. Researchers rediscover an Outlook data leakage issue.

Guardicore security researcher Amit Serper has discovered a severe design bug in MIcrosoft Exchange's autodiscover - a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak nearly 100,000 unique login names and passwords for Windows domains worldwide, Serper said in a technical report released this week.

Microsoft's autodiscover process can include numerous different steps, as explained in its own Autodiscover documentation, and different apps may use slightly different variants on the Microsoft's central theme. The researchers claim that over the next four months, they collected more than 1,000,000 unsolicited and unexpected autodiscover requests, of which a significant minority included authentication tokens or plaintext passwords that could, in theory, give access to the leaked accounts.