News for October 10, 2022


Outlook Crashing After Opening Fix
by Artie Kaye

Launching Outlook under certain conditions can cause the program to freeze or quit out before any actions can be taken.  Microsoft has addressed this problem and is rolling it out to certain Enterprise systems first, with a wider release later.  Until then, if you are experiencing this problem, Microsoft has a list of workarounds on their support page linked below.

https://support.microsoft.com/en-us/topic/outlook-closes-shortly-after-it-is-opened-2d32d880-70a0-4ee0-b1e9-9e920721abdd

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-rolling-out-a-fix-for-outlook-crashing-after-launch/

Zimbra Email Vulnerability
by Artie Kaye

A flaw in the virus scanner on Zimbra’s email cloud can allow remote code execution.  This is similar to a previously discussed flaw.  (UnRAR Vulnerability.)  However, this uses a different type of compressed file.  Installing the pax utility and restarting the email service is the workaround suggested by the company.  If your systems are running Ubuntu, this utility should already be active.

This flaw is listed as CVE-2022-41352.

https://blog.zimbra.com/2022/09/security-update-make-sure-to-install-pax-spax/

https://www.rapid7.com/blog/post/2022/10/06/exploitation-of-unpatched-zero-day-remote-code-execution-vulnerability-in-zimbra-collaboration-suite-cve-2022-41352/

https://thehackernews.com/2022/10/hackers-exploiting-unpatched-rce-flaw.html

https://www.darkreading.com/remote-workforce/zimbra-rce-bug-under-active-attack

Android Patch
by Artie Kaye

Google has released a patch targeting numerous vulnerabilities.  The flaws range from privilege elevation to denial of service.  If you’ve an android device it is recommended to update soon, if you haven’t already.

https://source.android.com/docs/security/bulletin/2022-10-01

https://www.securityweek.com/android-security-updates-patch-critical-vulnerabilities