Update Outlook due to vulnerability CVE-2018-0950

Posted on 2018-04-17 by guenni

[German]There is a serious vulnerability in Microsoft Outlook that can allow the stealing of access data or send the system into a BlueScreen loop. Microsoft has released a patchday update (April 10, 2018) to close the vulnerability.

Advertising

CVE-2018-0950 vulnerability in Microsoft Outlook

Microsoft addresses the CVE-2018-0950 vulnerability in Microsoft Outlook within the Security TechCenter:

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email. A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password.

The security update addresses the vulnerability by correcting how Office processes OLE objects.

Outlook-Schwachstelle
(Source: Will Dormann)

CVE-2018-0950 in Microsoft Outlook has been found by Will Dormann. Dormann documented this vulnerability within his blog post Automatically Stealing Password Hashes with Microsoft Outlook and OLE. During the analysis, Dormann first came across an error that forces the system into a BlueScreen loop. If the attacker sends a prepared mail and it is displayed in Outlook, a BlueScreen appears under Windows. This is triggered every time the user starts Outlook. Later, Dormann came to the conclusion that the vulnerability could also be used to disclose data.

Updates for Outlook available

Microsoft has released an update for Microsoft Outlook to close this vulnerability. Updates and related KB articles can be downloaded from the Security TechCenter for CVE-2018-0950. Please note that, depending on the Outlook version, different packages are provided. The click-to-run variants of Outlook also receive their own update package. Microsoft classifies the vulnerability as Important.

Similar articles:
Adobe Flash Player Update to version 29.0.0.140
Microsoft Office Patchday (April 3, 2018)
Microsoft Patchday Summary April 10, 2018
Patchday: Windows 10 Updates April 10, 2018
Patchday: Updates for Windows 7/8.1/Server April 2018
Patchday Microsoft Office Updates (April 10, 2018)
Microsoft Security Update revisions April 2018

Advertising
Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Office, Security, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *