Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Associate PartnerAssociate Partner
  
Tech
News18 » Tech
1-min read

US Cyber Command Hints at Use of Old Outlook Vulnerability in Recent Cyber-Attacks

The old Microsoft Outlook vulnerability, which was long patched, is apparently being used in an increasing number of state-backed cybercrime campaigns.

Shouvik Das | News18.com@distantvicinity

Updated:July 3, 2019, 9:30 PM IST
facebookTwitterskypewhatsapp
US Cyber Command Hints at Use of Old Outlook Vulnerability in Recent Cyber-Attacks
The old Microsoft Outlook vulnerability, which was long patched, is apparently being used in an increasing number of state-backed cybercrime campaigns.

The United States Cyber Command has reported the discovery of active malicious usage of a vulnerability in certain outdated versions of Microsoft Outlook, which were long since patched by Microsoft but may not have received the update due to user and admin negligence on critical systems. The disclosure mentions "active malicious use", revealing the source of the malware's origin as well in its tweets.

A quick check on the National Vulnerability Database in USA reveals the identity of the glitch, which is described as: "Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

In essence, the breach allows an attacker to bypass arbitrary security protocols to execute remote commands on a system, which in turn can corrupt data or block users out from accessing the data. A ZDNet report states that the origin of these attacks may be happening in Iran, and in particular the APT33 hacker collective, which has been seen to be more active of late, and has previously used this vulnerability to install surveillance backdoors in servers.

However, without any conclusive public evidence at hand, it is not clear if this is open cyber warfare at its nascent, or isolated incidents from various sources that somehow have a common attack string.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: ---
Read full article
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results