Skip navigation
Menu
Collaboration>Email and Calendaring

Outlook and OWA Subject to From Field Spoofing

Reported April 11, 2005 by iDEFENSE

VERSIONS AFFECTED

           Microsoft Outlook (not Microsoft Outlook Express)
Microsoft Outlook Web Access (OWA)

DESCRIPTION

Due to the way Outlook and OWA parse From header fields, it's possible to change the field so that the email message appears to come from a different address.

WORKAROUND

Examine all the message's header fields to determine who a message actually came from.

VENDOR RESPONSE

iDEFENSE reports that Microsoft said it might implement a fix in a future service pack but that a security bulletin won't be released for this issue.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
zoom logo
Zoom Releases New AI-Powered Collaboration Platform—Zoom Workspace—Plus Other Updates
Mar 26, 2024
person working from home using smart phone and notebook computer
Monitoring Employee Productivity, Balance Surveillance with Transparency
Jan 03, 2024
zoom logo on screens of laptop and smartphone device.jpg
At Zoomtopia, Small Businesses Share Transformation Stories
Oct 12, 2023
zoom logo
Zoom Unveils Docs, Upgrades Contact Center Offerings
Oct 03, 2023