swarfendor437   14 #1 Posted January 22, 2019 3 months to fix it:  https://www.business-standard.com/article/news-ians/kerala-based-security-engineer-spots-bug-in-microsoft-office-365-outlook-118121200159_1.html  How do we know it has actually been fixed? Share this post Link to post Share on other sites Share this content via...
Guest   #2 Posted January 22, 2019 Any reason you picked on this bug? There are bugs in ALL software, how do you know when any of them get fixed? We know you seem to have a bee in your bonnet about MS but some bugs take far longer to fix, some don't get fixed at all. Share this post Link to post Share on other sites Share this content via...
alchresearch   215 #3 Posted January 22, 2019 The weakest link of any system is the user.  Education is the key to stop them clicking links.  Quote A string of bugs when chained together created the perfect attack to gain access to someone's Microsoft account -- simply by tricking a user into clicking a link.  Share this post Link to post Share on other sites Share this content via...
swarfendor437   14 #4 Posted January 22, 2019 15 hours ago, probedb said: Any reason you picked on this bug? There are bugs in ALL software, how do you know when any of them get fixed? We know you seem to have a bee in your bonnet about MS but some bugs take far longer to fix, some don't get fixed at all. Well both your post and alcheresearch posts are on the money. Sometimes it can just be opening an email from what appears to be a genuine contact only to spread spam via the owners contact list as happened to someone at work recently. Another security hole is where some members are not part of the main email group, miss the warning sent by Managment who thought it was from someone else and opened the email on their machine. Best practice: https://superuser.com/questions/1005791/view-email-header-without-opening-the-message  Now compare the advice to M$'s method:  https://support.office.com/en-us/article/View-internet-message-headers-cd039382-dc6e-4264-ac74-c048563d212c  I never have reading pane open as in the past, whatever mail client you use I understood that having the reading pane switched to on is increasing your risk of an infection. Share this post Link to post Share on other sites Share this content via...