Jeffrey on Nostr: Very hot take: Outlook (classic) should be regarded as a high-risk application at ...
Very hot take: Outlook (classic) should be regarded as a high-risk application at this point, after the numerous critical vulnerabilities that keep being patched.
These CVE's are responsible for zero-click RCE or token theft in Outlook:
july 2024: CVE-2024-38021
june 2024: CVE-2024-30103 (requires user auth)
february 2024: CVE-2024-21413
august 2023: CVE-2023-35384
may 2023: CVE-2023-29324
march 2023: CVE-2023-23397
Outlook Web works just fine for me 🤷
These CVE's are responsible for zero-click RCE or token theft in Outlook:
july 2024: CVE-2024-38021
june 2024: CVE-2024-30103 (requires user auth)
february 2024: CVE-2024-21413
august 2023: CVE-2023-35384
may 2023: CVE-2023-29324
march 2023: CVE-2023-23397
Outlook Web works just fine for me 🤷