Microsoft Closes Outlook Copy-On-Write Flaw with Exchange Online Fix


Microsoft fixed the copy-on-write bug in Outlook for Windows in Exchange Online. The fix stops users removing attachments from sent or received messages. A strong case can be made that the fix should have been present from the start to stop any possibility that clients could comprise Exchange Native Data Protection. Microsoft doesn’t think many people were affected and they could be right, but that doesn’t make the problem any easier to swallow.

The post Microsoft Closes Outlook Copy-On-Write Flaw with Exchange Online Fix appeared first on Petri.

Continue reading Microsoft Closes Outlook Copy-On-Write Flaw with Exchange Online Fix

Outlook Flaw Compromises Exchange Online Native Data Protection


A bug in Outlook desktop’s implementation of the MAPI over HTTP protocol allows users whose mailboxes are on hold to remove attachments from messages. The removal is not captured by the copy-on-write feature of Exchange Online Native Data Protection, which potentially compromises the ability of Data Governance managers or eDiscovery investigators to recover information needed for compliance purposes. All in all, it’s a mess that Microsoft needs to clean up quickly.

The post Outlook Flaw Compromises Exchange Online Native Data Protection appeared first on Petri.

Continue reading Outlook Flaw Compromises Exchange Online Native Data Protection