Get a Pentest and security assessment of your IT network.

Cyber Security

PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery

Security researcher Bryan Appleby from F5 Networks released proof-of-concept for the Outlook vulnerability that he reported to Microsoft almost six months ago. The vulnerability resided in the way email server parses HTML entities in the email messages. Appleby found that executing JavaScript code inside an iframe can allow the attacker to read app-related content in the context of logged-in Outlook user, including cookies, tokens and even some contents of their email inbox. Microsoft patched the vulnerability and released a fix just 2 days agothat’s almost 6 months after the initial disclosure.

Source: https://thehackernews.com/2019/06/microsoft-outlook-vulnerability.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation