{"id":5457,"date":"2018-04-17T00:01:00","date_gmt":"2018-04-16T22:01:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=5457"},"modified":"2024-10-05T21:18:38","modified_gmt":"2024-10-05T19:18:38","slug":"update-outlook-due-to-vulnerability-cve-2018-0950","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/04\/17\/update-outlook-due-to-vulnerability-cve-2018-0950\/","title":{"rendered":"Update Outlook due to vulnerability CVE-2018-0950"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/04\/13\/outlook-sicherheitslcke-cve-2018-0950-dringend-updaten\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]There is a serious vulnerability in Microsoft Outlook that can allow the stealing of access data or send the system into a BlueScreen loop. Microsoft has released a patchday update (April 10, 2018) to close the vulnerability.<\/p>\n<h2>CVE-2018-0950 vulnerability in Microsoft Outlook<\/h2>\n<p>Microsoft describes the <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0950\" target=\"_blank\" rel=\"noopener\">CVE-2018-0950<\/a> vulnerability in Microsoft Outlook in the Security TechCenter:<\/p>\n<blockquote>\n<p>An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.  
<\/p>\n<p>To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email. A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password.  <\/p>\n<p>The security update addresses the vulnerability by correcting how Office processes OLE objects.<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" title=\"Outlook vulnerability\" alt=\"Outlook vulnerability\" src=\"https:\/\/i.imgur.com\/QCtjyaK.jpg\"><br \/>(Source: Will Dormann)  <\/p>\n<p><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0950\" target=\"_blank\" rel=\"noopener\">CVE-2018-0950<\/a> in Microsoft Outlook was found by Will Dormann, who documented the vulnerability in his blog post <a href=\"https:\/\/insights.sei.cmu.edu\/cert\/2018\/04\/automatically-stealing-password-hashes-with-microsoft-outlook-and-ole.html\" target=\"_blank\" rel=\"noopener\">Automatically Stealing Password Hashes with Microsoft Outlook and OLE<\/a>. During the analysis, Dormann first came across an error that forces the system into a BlueScreen loop: if an attacker sends a prepared mail and it is displayed in Outlook, Windows crashes with a BlueScreen, and the crash is triggered again every time the user starts Outlook. Later, Dormann concluded that the vulnerability could also be used to disclose data. <\/p>\n<h2>Updates for Outlook available<\/h2>\n<p>Microsoft has released an update for Microsoft Outlook to close this vulnerability. Updates and related KB articles can be downloaded from the Security TechCenter page for <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0950\" target=\"_blank\" rel=\"noopener\">CVE-2018-0950<\/a>. 
Please note that, depending on the Outlook version, different packages are provided. The click-to-run variants of Outlook also receive their own update package. Microsoft classifies the vulnerability as Important.  <\/p>\n<p><strong>Similar articles:<\/strong><br \/>Adobe Flash Player Update to version 29.0.0.140<br \/><a href=\"https:\/\/borncity.com\/win\/2018\/04\/04\/microsoft-office-patchday-april-3-2018\/\">Microsoft Office Patchday (April 3, 2018)<\/a><br \/><a href=\"https:\/\/web.archive.org\/web\/20210615025826\/https:\/\/borncity.com\/win\/2018\/04\/10\/microsoft-patchday-summary-april-10-2018\/\">Microsoft Patchday Summary April 10, 2018<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/04\/11\/patchday-windows-10-updates-april-10-2018\/\">Patchday: Windows 10 Updates April 10, 2018<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/04\/11\/patchday-updates-for-windows-7-8-1-server-april-2018\/\">Patchday: Updates for Windows 7\/8.1\/Server April 2018<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/04\/11\/patchday-microsoft-office-updates-april-10-2018\/\">Patchday Microsoft Office Updates (April 10, 2018)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/04\/14\/microsoft-security-update-revisions-april-2018\/\">Microsoft Security Update revisions April 2018<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]There is a serious vulnerability in Microsoft Outlook that can allow the stealing of access data or send the system into a BlueScreen loop. 
Microsoft has released a patchday update (April 10, 2018) to close the vulnerability.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,580,22],"tags":[395,69,195],"class_list":["post-5457","post","type-post","status-publish","format-standard","hentry","category-office","category-security","category-update","tag-outlook","tag-security","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=5457"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5457\/revisions"}],"predecessor-version":[{"id":35832,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5457\/revisions\/35832"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=5457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=5457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=5457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}