Microsoft Outlook vulnerability

You may have seen in the news that Microsoft has identified a particularly nasty Outlook vulnerability. This vulnerability has the ability to attack your device remotely once an email is received – even without you needing to open or preview the message. You can read more about it here.

What should I do to protect my device?

While Office will deploy updates automatically, this could take several days. Given the zero click nature of this vulnerability and the fact that it has been seen in use in the wild already, we would highly recommend that you update Office as soon as you can.

Make sure you update Office using the following steps:​​​​​​​

1. Open any Office app, such as Word, and create a new document.
2. Go to File > Account (or Office Account if you opened Outlook).
3. Under Product Information, choose Update Options > Update Now. (Note: You may need to click Enable Updates first if you don’t see the Update Now option right away.)
4. Close the “You’re up to date!” window after Office is done checking for and installing updates.

We would encourage you to share this information with your wider team so they are aware and can carry out the update to their devices.

For a tech deep dive, read more about the Outlook elevation of privilege vulnerability.

If you have any questions or concerns, please do not hesitate to get in touch.

Share this post