The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction. |
If you have already installed the latest Microsoft patch update, that's great, but attackers can still exploit this vulnerability. So, Windows users, especially network administrators at corporates, are advised to follow the below-mentioned steps to mitigate this vulnerability. Block specific ports (445/tcp, 137/tcp, 139/tcp, along with 137/udp and 139/udp) used for incoming and outgoing SMB sessions. Block NT LAN Manager (NTLM) Single Sign-on (SSO) authentication. Always use complex passwords, that cannot be cracked easily even if their hashes are stolen (you can use password managers to handle this task). Most important, don't click on suspicious links provided in emails. |