Welcome Stranger to OCC!Login | Register

Outlook Bug Discovered with Serious Security Implications

Category: Bugs / Virus
Posted: 08:39AM

If you use Microsoft Outlook to manage your email, make sure it is updated to the latest version. Earlier this month security researcher Haifei Li reported an Outlook bug named BadWinmail to Microsoft and this issue could be exploited to compromise a machine without end-user interaction.

The issue revolves around Windows Object Linking and Embedding (OLE) system, which is used for objects embedded in Office documents, including Outlook emails, and Flash. Due to a flaw with how Outlook sandboxes embedded Flash, it is possible for malicious Flash code to be executed and use Flash vulnerabilities to install other pieces of malware on a user's computer. Because Outlook will use OLE to run the embedded code when viewing or even previewing an email, there is little the end-user has to do to be attacked. It is even possible for the end-user to do nothing but have Outlook open, if it is set to preview the most recent email, and it happens to be carrying the malicious code.

While this is a serious issue, Microsoft has already patched it, so if you update Outlook to a version newer than December 8, you should have the fix.

Source: Softpedia

Register as a member to subscribe comments.

© 2001-2018 Overclockers Club ® Privacy Policy
Elapsed: 0.1873300076   (xlweb1)