- Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
Microsoft recently released security patches for windows operating systems. A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month almost 18 months after receiving the responsible disclosure report. According to the researcher the Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users’ Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction. A remote attacker can exploit this vulnerability by sending an RTF email to a target victim, containing a remotely-hosted image file (OLE object), and loading from the attacker-controlled SMB server. The security patch only prevents Outlook from automatically initiating SMB connections when it previews RTF emails, but the researcher noted that the fix does not prevent all SMB attacks.
Cyber Security Tips: To prevent from this attack apply security patches as soon as possible, Block specific ports (445/tcp, 137/tcp, 139/tcp, along with 137/udp and 139/udp) used for incoming and outgoing SMB sessions, block NT LAN Manager (NTLM) Single Sign-on (SSO) authentication and use complex password.