Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

email security


  • Please log in to reply
2 replies to this topic

#1 GataPandu

GataPandu

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:28 AM

Posted 22 February 2016 - 12:12 PM

Can a computer get infected by a malicious email that is opened in the preview pane of Outlook (or some other email client that downloads the malicious email and opens it in the preview pane without the user clicking on anything) ?

 

In other words, can a piece of email be malformed in such a way that it becomes an attack vector activated by the preview pane opening it ?



BC AdBot (Login to Remove)

 


#2 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:28 PM

Posted 22 February 2016 - 01:33 PM

Hello GataPandu, 
 
If the Email is crafted to exploit an unpatched vulnerability in your Email client, then yes, exposure to malware is certainly a possibility. Specifically, in regards to Microsoft Outlook, see the following past examples:

Whether you as an Outlook user today are vulnerable is indeterminable as new exploits in software are discovered on a daily basis. One cannot account for vulnerabilities yet to be reported/patched, but steps can be taken to help mitigate this risk. For example, in Outlook you can select to read Emails in plain text, as outlined by the articles below.


Posted Image

#3 GataPandu

GataPandu
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:28 AM

Posted 23 February 2016 - 12:35 AM

Hello LiquidTension :)

 

I have carefully read the materials in the links, and I am near positive that I am not affected by the CVEs of Outlook, MS Word and MS Office in December 2015. But I sure wish that there was a security slider for Outlook similar to the ones for IE and UAC. Since I use only 1% of the features of Outlook, I would set the slider to 100 times the security :)

 

Thanks for responding!


Edited by GataPandu, 23 February 2016 - 08:21 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users