Critical Outlook vulnerability discovered (February 2024)
Security researchers discover vulnerability in Microsoft OutlookIn February 2024, security researchers discovered a vulnerability in Microsoft Outlook and classified it as critical. You can read everything you need to know as a user here.
Outlook vulnerability: What you should know about CVE-2024-21413
Checkpoint Research, an American-Israeli IT security company, discovered the current Outlook vulnerability and presented it on February 14. Microsoft had already recognized this the day before. The official name for the vulnerability in the e-mail software is CVE-2024-21413.
In the event of an attack, the hacker can bypass the protected mode in the Office view and open emails in edit mode instead. If an attacker exploits this vulnerability in Outlook, they can unlock various privileges, such as rights to read, write and delete emails. All he has to do is create a link to bypass the Protected View protocol.
Microsoft security – How to protect yourself from the vulnerability in Outlook
The good news: As a Microsoft Outlook user, you can protect yourself quickly and easily against the security vulnerability. Microsoft recommends that all users of Office 2016, 2019, 2021 and Office 365 install the latest updates listed in the support article on CVE-2024-21413.
You can find the official Microsoft support article here:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413
How should the vulnerability in Microsoft Outlook be assessed?
Servers with Microsoft Exchange are attractive targets for cyber criminals, as they represent central account points in the communication of many companies. Data theft, sabotage and the sending of illegitimate e-mails are the result. If the servers are paralyzed, this in turn leads to severe disruptions to operational processes. Cyber attacks on Microsoft Exchange and Outlook have repeatedly caused considerable damage to companies in the past.
In addition to regular Outlook software updates, an email security solution that protects against attacks is particularly recommended for companies. Malicious emails can thus be blocked before they infiltrate your inbox. You can find out more about email security for companies in our factsheet.
More news
Social engineering – 6 tips on how companies can protect themselves
No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?
Bitcoin Halving 2024 : Danger from phishing mails on the rise
More and more cases of crypto phishing! The reason is the high Bitcoin price and the upcoming Bitcoin Halving 2024.
Digital document management system – Find out everything you need to know about DMS.
The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.
Managed IT services: Is it worth it for my company? Can I simply outsource my IT?
Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.