Microsoft Outlook Denial of Service
Microsoft Outlook is an email client used to send and receive email messages. Recently, SonicWALL received reports of a bug in MS Outlook, wherein a specially crafted email causes it to crash shortly after reading.
The email to contain both text and html portions, as shown below:
Retrieving this email via MS Outlook causes a crash as shown:
Debugging Outlook, we see that the crash occurs at wwlib.dll (not necessarily Outlook).
This dll is also used by other Office applications such as Word and Powerpoint. This is used for reading and displaying HTML content.
The problem arises with the “!important” directive in the CSS. Upon testing, removing this directive from the email message sent does not cause a crash.
Our Threat Research Team has researched this vulnerability and released following signature to protect their customers.
•IPS 12702 : Microsoft Outlook Denial of Service
How IT SUPPORT MIAMI Can Help
IT Support Miami’s Enterprise Managed IT Security Services practice specializes in helping companies with their IT Security needs. IT security is a layered function and IT Support Miami provides a turn key solution including training, social engineering, endpoint, edge, real-time monitoring and reporting, data protect, user management, Managed Wi-Fi and network, and Managed Cloud. IT Support Miami is an expert in the field with more than15 years in business and has a proven track record of successful managed IT security.