Microsoft Outlook for Android Vulnerable to Cross-Site Scripting | TVM Microsoft Outlook for Android Vulnerable to Cross-Site Scripting | TVM

Home  |  Resources  |  Microsoft Windows

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Written By: Jason Bell

< Back to Blog Home

Microsoft Outlook Vulnerability on Android

In June 2019 Microsoft published an advisory on a critical vulnerability found in the Microsoft Outlook Android application. The attack happens when an email is sent to the victim with an embedded hidden code.  The code results in cross-site scripting (XSS) attack on the affected system and can run scripts in the security context of the current user.

The proof of concept code has been released and is now available to the public.  To defend against this vulnerability users are urged to update the application.  If the application has not updated automatically, it can be done manually via the Google Play Store.

If you are interested in learning more, view our latest posts on Microsoft Windows vulnerabilities.

We are an international squad of professionals working as one.

logos