How exploitable are email clients?
- Thread starter shmu26
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
shmu26
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Hi there,Now this was the best explanation and I'm paranoid when it comes to security and keeping my data secure and not lose them, so I will try this Mailbird Pro now and try to get it's lifetime licenseThanks, mate. Just like how my father explains me things.
if you are going for mailbird, it downloads everything real fast, and it works great with gmail, and it is cool software.
but... by default it does not download large attachments. You can change that default, but I had trouble getting it to consistently download my attachments, I am talking like about a year ago, and I don't know if they fixed that bug.
So, try it out, but keep an eye on those attachments and whether it is doing what you want with them.
If you like to be paranoid about your online data, best strategy is to run mailbird once every few days, you can make a Windows scheduled task for that, if you want.
The problem with running it constantly is that is constantly syncs. So if your online data somehow gets messed up or deleted, it will mess up and delete your backup, too. So that's why best policy is to run it only once in a while. IMHO.
Here is something directly from Microsoft: How outlook protects you from viruses, spam, and phishing
It can be exploitable - probably not to to the extent of browsers without user interaction.
Microsoft Outlook in the past has seen OLE exploits, malicious JavaScript (agree with @Spawn and @Wave the member who recommended changing the settings to display plain text only) can be an issue as well as embedded IFrames.
Recommendations based on past campaigns that exploited vulnerabilities recommended disabling both message and attachment preview. has been an issue in the past. I personally have it disabled completely. I got an email that the filter missed in my inbox containing an exploit packed in a .zip file. 1 click away.
It can be exploitable - probably not to to the extent of browsers without user interaction.
Microsoft Outlook in the past has seen OLE exploits, malicious JavaScript (agree with @Spawn and @Wave the member who recommended changing the settings to display plain text only) can be an issue as well as embedded IFrames.
Recommendations based on past campaigns that exploited vulnerabilities recommended disabling both message and attachment preview. has been an issue in the past. I personally have it disabled completely. I got an email that the filter missed in my inbox containing an exploit packed in a .zip file. 1 click away.
- Where the email is coming from?
- Has it been screened by a gateway protected with something such as Barracuda?
- What type of code is the software programmed with?
- Client built in Security controls (Outlook by default no longer displays Macros or ActiveX content)?
- If Add-ins are installed?
- If your software is up-to-date?
- The End User?
- Status
You may also like...
-
Default Is the New Consent: How Tech Giants Exploit Opt-Out Fatigue for AI Training- Started by lokamoka820
- Replies: 2
-
Pentest tools left online are allowing hackers to exploit Fortune 500 firms- Started by Miravi
- Replies: 0
-
-
How does Kaspersky deal with malware attacks that target vulnerabilities in installed applications?
- Started by nonamebob567
- Replies: 6
