Despite fix, Microsoft Outlook users prone to cyber attacks: Expert

The update on April 10 came two years after the security flaw was first reported by US-based security researcher Will Dormann.
HYDERABAD: All Microsoft Outlook users, listen up! The latest software update from Microsoft, released on April 10 to fix a security vulnerability in its e-mail client, did not fully do its job, security researchers claim. This means that if you are not careful, attackers can gain access to your IP address, domain name, user name, host name and password hash.

The update on April 10 came two years after the security flaw was first reported by US-based security researcher Will Dormann. He found that merely hovering over a suspicious link sent in a phishing e-mail could give attackers access to the data mentioned above. Now, having reviewed the update, Dormann has found that only the automatic connection from the user's side to a potential attacker's server -- the one triggered when you hover over the link -- has been fixed.

This means that as a user, you are still prone to cyber attacks if you click on links sent over Outlook that begin with “\\”. “If an email message has a Universal Naming Convention (UNC)-style link that begins with “\\”, clicking the link initiates a Server Message Block (SMB) connection to the specified server,” said Dormann in his blog.

“It is important to realize that even with this software update, a user is still a single click away from falling victim to the types of attacks described above,” says Dormann, who is a vulnerability analyst at the Computer Emergency Response Team (CERT) Coordination Center of the Software Engineering Institute at Carnegie Mellon University.

“Nearly 90 pc of people in the corporate world use Microsoft Outlook,” says Bharani Kumar of Cyberabad Security Council. “Outlook includes the ability to send Rich Text Format e-mails. These e-mails can include Object Linking and Embedding. Those files are stored on a remote server and the vulnerability allowed interaction between servers. It creates a session where Outlook would expose the IP address and passwords. A potential attacker can even check the strength of your password.”

The software update by Microsoft to fix the security vulnerability in Outlook created a different path leading to the same problem, says Bharani Kumar, who is also the general secretary of the Hyderabad Software Enterprises Association. “The update was useful in preventing the automatic connection between servers, but it was not a comprehensive one. Now the user has to click on it, adding one more step compared with an automatic connection between servers. Still, it’s a security flaw,” Kumar added.
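The residual risk described above is that a UNC-style link (one beginning with “\\”) still makes Outlook open an SMB connection to whatever host the link names once a user clicks it. A mail gateway or triage script can surface such links before a user ever sees them. The following is an added example written for this article, not code from Microsoft, Dormann or CERT/CC: it scans a rendered message body for UNC-style links, extracts the host, and flags hosts that are not private IP addresses or do not sit under an organisation's own DNS suffixes. The regular expression, the `internal_suffixes` allowlist and the sample message are all constructed assumptions for the illustration.

```python
import ipaddress
import re
from dataclasses import dataclass

# Matches a UNC-style link such as \\host\share\file.ext: two leading
# backslashes, a host (DNS name, NetBIOS name or IPv4 literal) and an
# optional path. Constructed for this example; not taken from Outlook.
UNC_RE = re.compile(r"(?<![\w\\])\\\\([A-Za-z0-9][A-Za-z0-9.\-]*)(\\[^\s\"'<>]*)?")


@dataclass
class UncHit:
    host: str
    path: str
    external: bool  # True when the host is not one of ours


def is_internal(host: str, internal_suffixes) -> bool:
    """A host counts as internal if it is a private/loopback/link-local IP,
    or if it is, or sits under, one of the configured DNS suffixes.
    Anything else (including bare NetBIOS names) is treated as external,
    which errs on the side of flagging."""
    try:
        ip = ipaddress.ip_address(host)
        return ip.is_private or ip.is_loopback or ip.is_link_local
    except ValueError:
        pass  # not an IP literal; fall through to the name check
    name = host.lower().rstrip(".")
    return any(name == s or name.endswith("." + s)
               for s in (x.lower() for x in internal_suffixes))


def find_unc_links(text: str, internal_suffixes) -> list:
    """Return every UNC-style link in a rendered message body, marking the
    ones that point outside the organisation. Scan the rendered text, not
    raw RTF: RTF control words also begin with a backslash and would
    produce false positives."""
    hits = []
    for m in UNC_RE.finditer(text):
        host, path = m.group(1), m.group(2) or ""
        hits.append(UncHit(host, path, not is_internal(host, internal_suffixes)))
    return hits


def external_unc_hosts(text: str, internal_suffixes) -> list:
    """Just the hosts a click would make SMB talk to outside the network,
    deduplicated in order of first appearance."""
    seen = []
    for hit in find_unc_links(text, internal_suffixes):
        if hit.external and hit.host not in seen:
            seen.append(hit.host)
    return seen


# Constructed sample body for the example; not a real message.
SAMPLE_MAIL = r"""Hi team,
The Q3 report is on the file server: \\fileserver.corp.example\finance\Q3.xlsx
Scans are on \\10.0.0.5\public\notes.txt as usual.
Please also review the updated policy here: \\updates.example.net\share\policy.docx
Windows paths like C:\Users\me are not links and are ignored.
Thanks"""

# Assumed organisation DNS suffix for the example.
INTERNAL_SUFFIXES = ["corp.example"]

if __name__ == "__main__":
    for hit in find_unc_links(SAMPLE_MAIL, INTERNAL_SUFFIXES):
        flag = "EXTERNAL" if hit.external else "internal"
        print(f"{flag:8} \\\\{hit.host}{hit.path}")
```

Run against the sample body, the scan reports the two corporate links as internal and flags `updates.example.net` as an external SMB destination; a gateway could quarantine or rewrite such a message, and a triage analyst can pivot on the flagged host in proxy and firewall logs to see whether anyone already clicked.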

The New Indian Express
www.newindianexpress.com