All articles tagged with #microsoft outlook
Microsoft is reorganizing its Outlook team under new leadership to overhaul the email client with AI, aiming to transform it into a personal assistant that reads, drafts, and organizes messages, with a focus on rapid prototyping and AI integration throughout the development process.
Microsoft Outlook is experiencing a widespread outage affecting millions, with issues including login failures and slow service. The cause is currently unknown, but Microsoft has deployed a fix and is monitoring the situation. The outage impacts Outlook.com, Outlook Mobile, and the desktop client, and is not linked to recent security updates or announcements.
Microsoft Outlook is experiencing a major outage affecting millions worldwide, caused by issues in mailbox infrastructure and authentication components. Microsoft is deploying a fix, with progress faster than expected, aiming to resolve the problem soon. This outage follows previous disruptions, highlighting ongoing stability challenges for Outlook.
Check Point Research has identified a security vulnerability in Microsoft Outlook, known as the #MonikerLink bug, which allows for the leaking of local NTLM information and potential remote code execution. The bug bypasses Office Protected View and affects the Windows/COM ecosystem, posing significant security risks. Check Point has developed protections and reported the issue to Microsoft, leading to a critical Security Update. The bug may also impact other software using similar APIs, prompting a call for the security and developer communities to address such vulnerabilities.
A security flaw in Microsoft Outlook, tracked as CVE-2023-35636, could allow threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file, potentially through email or web-based attack scenarios. The vulnerability, now patched, was discovered by Varonis security researcher Dolev Taler and could lead to NTLM hashes being leaked. Microsoft has announced plans to discontinue NTLM in Windows 11 in favor of Kerberos for improved security.
A recently patched vulnerability in Microsoft Outlook allowed attackers to steal users’ NTLM v2 hashes by adding two headers to an email carrying a specially crafted file. While the CVE-2023-35636 has been fixed, two additional unpatched vulnerabilities can also be exploited to obtain NTLM v2 hashes. Compromised hashes can be used for authentication relay attacks or offline brute-force attacks, allowing threat actors to access sensitive enterprise systems and resources. Microsoft has outlined plans to reduce the use of NTLM and disable it in Windows 11, but organizations can protect themselves by enabling SMB signing, blocking outgoing NTLM v2 authentication, and enforcing Kerberos authentication.
Google Calendar is updating its attendee lists to include Microsoft Outlook users, addressing a previous issue where Outlook users did not appear in the lists at all. With this update, Outlook users will now be properly listed as attendees and organizers in Google Calendar meeting events. This improvement aims to enhance interoperability between Google Workspace and Microsoft Outlook users, benefiting those who organize meetings with attendees from multiple companies. The update started rolling out on August 24 and will be available to all users within 15 days.
Microsoft Outlook experienced an outage on Monday morning, affecting users' ability to access their email and causing productivity disruptions. The cause of the outage is currently unknown, but Microsoft has acknowledged the issue and is working on a resolution.
Cyber defence company BlueVoyant has issued an urgent warning to millions of Gmail and Outlook email users over a 240% increase in phishing scams, with some of them hard to spot. Fraudsters are using a technique called dynamic phishing in a bid to steal people's personal information and financial details. Mobile users are also being targeted with a technique known as smishing. Users should be wary of unexpected emails, such as invoices from well-known online companies, and if in doubt look up the company URL online themselves rather than following a link.
A warning has been issued to billions of Gmail and Microsoft Outlook users as email phishing scams have risen by 240%. Cyber defence company BlueVoyant has outlined typical warning signs of scam emails, including dynamic phishing and SMS phishing. The company has noted that 67% of all phishing attacks were hosted on dynamic DNS infrastructure in 2021. SMS gateway scripts are sold on the deep and dark web as all-inclusive solutions, which are rather easy to operate, and require very little technical knowledge.
Hackers are exploiting a critical vulnerability in Microsoft Outlook, CVE-2023-23397, to steal NTLM hashes and gain affluent access to organizations through an escalation of privilege vulnerability. The vulnerability affects all versions of Microsoft Outlook on Windows, and threat actors have targeted and breached the networks of about 15 critical organizations related to government, military, energy, and transportation. Microsoft researchers have provided key mitigations, including installing the patch, using the Protected Users Security Group, and blocking port TCP/445 outbound from the network. Admins must apply and check all the recommended mitigations immediately to prevent any attack effectively.