Monday, January 13, 2014

Microsoft Will Soon Fix All The Outlook Vulnerabilities

Security issues are quite common irrespective of the functioning of the software. The security issues faced by different Microsoft products like Outlook, Internet Explorer and SharePoint have been fixed by Microsoft. All together about 47 different security issues were fixed so far.

As you are aware, Microsoft releases security patches for its product line for fixing virus and spyware attacks. These patches are meant for protecting the operating system along with the product line of Microsoft from malicious threats. These updates are released from time to time and about 13 security patches had been released by Microsoft recently and they are all meant to treat critical vulnerabilities.

MS13-068 is one the patches released by Microsoft and it is meant to protect Microsoft Outlook and according to Microsoft, “A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted S/MIME email messages. An attacker who successfully exploited this vulnerability could take complete control of an affected system”.

To deliver email messages securely, Secure/Multipurpose Internet Mail Extensions are used widely. You would find the information about MS13-068 vulnerability in a blog post issued by Microsoft. This vulnerability just take holds of the use’s computer completely and they do this task by taking advantage of some errors with the preview pane in Microsoft Outlook. Some of these errors in fact could lead to file corruption and other problems.

The MS13-068 vulnerability has been given a rating that is critical according to Microsoft and they find the same difficult to be exploited. According to Microsoft Security Response Center engineer Jinwook Shin, “In fact, we’re not certain that the issue is exploitable at all, but out of an abundance of caution and because attack technology improves over time, we are issuing the security update today”.

The vulnerabilities would be making some changes in the Outlook email setup and might be causing problems. Hence, Outlook email setup would be given priority and patches for the same would be released. According to Andrew Storms, “Unlike other Outlook vulnerabilities that require the user to open an email or an attachment, simply having the default configuration or preview pane enabled can launch a weaponized email message. The good news is that a workable mitigation technique will be to disable the preview pane.”

Let us keep our fingers crossed and hope that our computers will not be affected by this critical vulnerability.

No comments:

Post a Comment