Outlook Can Allow Hacker To Steal Windows Password

August 22, 2024

A flaw in Microsoft Outlook lets an attacker capture your Windows login credentials simply by sending you an email

Security researchers have disclosed details of a critical vulnerability in Microsoft Outlook for which Microsoft released an incomplete patch in April 2018, almost 18 months after receiving the disclosure report.

The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to obtain sensitive information, including the victim's Windows login credentials, merely by getting the victim to preview an email in Microsoft Outlook; no further user interaction is needed.

An attacker exploits the flaw by sending a Rich Text Format (RTF) email that contains a remotely hosted Object Linking and Embedding (OLE) object, such as an image, which is loaded from an attacker-controlled server.

Because Microsoft Outlook renders OLE content automatically, it opens a connection to that server over the SMB protocol and authenticates to it without asking, handing over the victim's username and an NTLMv2 response (a challenge-response value derived from the password hash). The attacker can crack that response offline to recover the password, and could then gain access to the victim's computer or to other systems the account can reach.

Will Dormann of the CERT Coordination Center (CERT/CC) reported the vulnerability to Microsoft in November 2016; in an attempt to patch the issue, the company released an incomplete fix in its April 2018 Patch Tuesday update.

The security patch only stops Outlook from automatically initiating SMB connections when it previews RTF emails; the researcher noted that the fix does not prevent all SMB-based credential leaks.

"It is important to realize that even with this patch, a user is still a single click away from falling victim to the types of attacks described above," Dormann said. "For example, if an email message has a UNC-style link that begins with '\\', clicking the link initiates an SMB connection to the specified server."
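As an added example, not part of the original post, the following PowerShell function flags message bodies that carry the kind of UNC-style link Dormann describes (and the equivalent file:// form), so an administrator can triage or quarantine such messages before a user clicks. The $TrustedHosts allowlist, the host names and the sample messages are constructed for illustration and are not from the advisory.

```powershell
# Added example, not from the original post. Flags UNC-style links (\\host\share)
# and file:// URLs in a message body: clicking either opens an SMB connection to
# the named host, even on a patched Outlook. $TrustedHosts is an assumed allowlist
# of internal file servers; the sample messages below are constructed.

$TrustedHosts = @('fileserver01', 'fileserver01.corp.example')   # assumed internal names

function Find-UncLink {
    param(
        [Parameter(Mandatory)] [string]   $Body,
        [string[]] $Trusted = $TrustedHosts
    )
    # Host name or IP after "\\" or "file://", followed by an optional share/path.
    $pattern = '(?i)(?:\\\\|file://)(?<target>[a-z0-9][a-z0-9.\-]*)(?:[\\/][^\s"<>]*)?'
    foreach ($m in [regex]::Matches($Body, $pattern)) {
        $target = $m.Groups['target'].Value
        $isIp   = $target -match '^\d{1,3}(\.\d{1,3}){3}$'
        $verdict = if ($Trusted -contains $target) { 'trusted-internal' }
                   elseif ($isIp -or $target -like '*.*') { 'external-or-ip' }   # likely attacker-controlled
                   else { 'unknown-shortname' }                                   # single-label host not on the allowlist
        [pscustomobject]@{ Link = $m.Value; Target = $target; Verdict = $verdict }
    }
}

# Constructed sample messages: one internal share, one IP-based share,
# one file:// URL to an outside host, one with no link at all.
$Samples = @(
    'Please review the Q3 figures at \\fileserver01\finance\q3.xlsx before Friday.',
    'Your invoice is ready: \\203.0.113.10\docs\invoice.pdf',
    'Open file://attacker-host.example/share/report.doc to view the report.',
    'No links here, just a reminder about the meeting.'
)

foreach ($body in $Samples) {
    $hits = @(Find-UncLink -Body $body)
    if ($hits.Count -eq 0) { "clean            : $body" }
    else { $hits | ForEach-Object { "{0,-17}: {1}" -f $_.Verdict, $_.Link } }
}
```

Anything that resolves to an IP address or a fully qualified name outside the allowlist is the case to act on; a bare short name that is not on the list usually means an internal server nobody has catalogued yet, which is worth knowing about before the NTLM restrictions in the next section are enforced.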

WE HAVE ALREADY APPLIED THE LATEST MICROSOFT PATCH UPDATE TO ALL OF OUR CLIENTS' COMPUTERS, BUT SINCE ATTACKERS CAN STILL EXPLOIT THIS VULNERABILITY WE HAVE ALSO PERFORMED THE FOLLOWING:

  • Block specific ports (445/tcp, 137/tcp, 139/tcp, along with 137/udp and 139/udp) used for incoming and outgoing SMB sessions.
  • Block NT LAN Manager (NTLM) Single Sign-on (SSO) authentication.
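The two mitigations above, as an added PowerShell example that is not part of the original post: it creates outbound Windows Firewall rules that block the listed SMB and NetBIOS ports toward Internet addresses only (so access to internal file servers keeps working), sets the registry value behind the Group Policy "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers" to audit mode, adds an exception for an internal server, and reports the resulting state. The rule names and the fileserver01 exception are assumptions; run it in an elevated PowerShell session.

```powershell
# Added example, not from the original post. Run as Administrator.
# Assumes Windows 10/11 (the NetSecurity module is built in) and that internal
# file servers live on Intranet addresses, so only Internet-bound SMB is cut.

$SmbPorts = @(
    @{ Protocol = 'TCP'; Port = 445 },   # SMB over TCP
    @{ Protocol = 'TCP'; Port = 139 },   # NetBIOS session service
    @{ Protocol = 'TCP'; Port = 137 },   # NetBIOS name service (TCP)
    @{ Protocol = 'UDP'; Port = 137 },   # NetBIOS name service (UDP)
    @{ Protocol = 'UDP'; Port = 139 }
)

# 1. Outbound firewall rules: block each port toward Internet addresses.
#    The 'Internet' keyword excludes local subnets, so \\fileserver01 still works.
foreach ($p in $SmbPorts) {
    $name = "Block outbound SMB $($p.Protocol)/$($p.Port) to Internet"   # assumed rule naming
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name -Direction Outbound `
            -Protocol $p.Protocol -RemotePort $p.Port -RemoteAddress Internet `
            -Action Block -Profile Any | Out-Null
    }
}

# 2. Restrict outgoing NTLM. This is the registry value behind the Group Policy
#    "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers":
#    0 = allow all, 1 = audit all, 2 = deny all. Start in audit mode and review
#    the Microsoft-Windows-NTLM/Operational event log before moving to 2, so
#    legitimate NTLM-only servers are found first and added to the exception list.
$LsaPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
Set-ItemProperty -Path $LsaPath -Name 'RestrictSendingNTLMTraffic' -Value 1 -Type DWord

# Exceptions (Group Policy "Add remote server exceptions for NTLM authentication").
# 'fileserver01' is an assumed internal host name; replace with your own.
Set-ItemProperty -Path $LsaPath -Name 'ClientAllowedNTLMServers' `
    -Value @('fileserver01') -Type MultiString

# 3. Check: report what is actually in force so the change can be verified.
function Test-SmbLeakMitigation {
    $rules = @(Get-NetFirewallRule -DisplayName 'Block outbound SMB*' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Action -eq 'Block' -and $_.Direction -eq 'Outbound' })
    $ntlm = (Get-ItemProperty -Path $LsaPath -Name 'RestrictSendingNTLMTraffic' `
        -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
    [pscustomobject]@{
        OutboundSmbBlockRules = $rules.Count          # one per entry in $SmbPorts
        RestrictSendingNTLM   = $ntlm                 # 1 = audit, 2 = deny
        Mitigated             = ($rules.Count -eq $SmbPorts.Count -and $ntlm -ge 1)
    }
}

Test-SmbLeakMitigation | Format-List
```

On a domain-joined machine, set the same settings through Group Policy rather than the local registry, otherwise the next policy refresh will overwrite them; the local script is still useful as a quick check of what a given endpoint is actually enforcing.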

WHAT YOU CAN DO YOURSELF TO HELP PROTECT YOUR SENSITIVE INFORMATION:

  1. Always use long, complex passwords that cannot be cracked easily. The NTLMv2 response captured by this attack is cracked offline, so password strength directly limits what an attacker can do with it.
  2. Don't click suspicious links in emails, especially links that begin with "\\".
