VULHUB ™

An issue has been reported in Microsoft Outlook which could initiate a file download from a web site, without the user attempting to access the site. Reportedly this is possible if a user simply reads an HTML email message containing a URL embedded in the IFrame tag. If the URL is pointing to a file, upon the user opening the mail message, Outlook will prompt the user with a download dialog box. This issue could be used to initiate the download of malicious files, or exploit other known IE issues.

An issue has been reported in Microsoft Outlook which could initiate a file download from a web site, without the user attempting to access the site. Reportedly this is possible if a user simply reads an HTML email message containing a URL embedded in the IFrame tag. If the URL is pointing to a file, upon the user opening the mail message, Outlook will prompt the user with a download dialog box. This issue could be used to initiate the download of malicious files, or exploit other known IE issues.