Microsoft Office Outlook Mobile App Banned by European Parliament!

Microsoft Office Outlook Mobile App Banned by European Parliament

The fear of lack of app security has reached to an extent where Outlook mobile app had to be banned from usage! The European Parliament has now blocked Outlook mobile app for all types of smartphones at various organizations, companies and institutions. It was found that that data and user credentials are being stored in the cloud, bypassing a number of security policies. Users were also further recommended that they delete the app from their device and change their password.

Microsoft recently acquired Accompli on which the Outlook app technology is based. Obviously, this means it has also inherited a lot of its privacy policy and behaviour. When notifications are being delivered to a device, email data has to flow through Microsoft servers as well as the company servers which means any password or encryption measure becomes useless.

Thus, even the educational institutions like the University of Wisconsin have asked to block the apps for usage by their students, especially campus leaders, campus IT and those who have been affected. Developer Rene Winkelmeyer discovered the flaw after finding he was still receiving notifications despite deactivating his device. He has urged all firms to block the app from accessing company mail servers until Microsoft rectifies the situation.

What specific did the University of Wisconsin worry about?

The login method of Outlook mobile app is on cloud service, which totally holds the ability to seek all the information from the users. Outlook mobile app stores the NetID and password in a cloud service. Additionally, it allows users to connect to their personal Dropbox, Google Drive and OneDrive accounts allowing them to share information with consumer cloud services and open up files on corporate networks, posing a range of security risks. Also, multiple iOS devices cannot be distinguished due to an issue with ActiveSync, meaning administrators cannot see the difference between an iPhone and an iPad.

Subho Halder, Chief Security Scientist at Appknox said that often businesses and institutions assume that companies like Microsoft cannot go wrong with such security issues. He added that he has himself discovered threats in applications made by Microsoft, Apple, Adobe, Facebook and many more.

Microsoft doesn't make any claims around the devices to follow their ActiveSync security policies when the app is installed. It is thus the company's responsibility to take time out and investigate the security of products before using them. This could be done either directly by raising questions with the app’s developers, or through third parties who can investigate the security of products.

Recent updates

The problems for Microsoft Outlook didn't seem to end even until recently when it was notified that a hacker was accessing some Outlook accounts since January 2019. The webmail credentials of a support agent were stolen and as a result, the hacker was able to gain unauthorized access to several user accounts between January and March 2019. Microsoft officials reported that the hacker could have gained access to email addresses, email subject lines, and folder names but not the complete details and content of the emails and their attachments.

The number of users impacted by the breach was still not known to the company. The company also had no information about the hackers or what the purpose behind the attack really was. According to Microsoft, the hackers weren't able to gain personal user information or login details. However, as a caution, the company has advised Outlook users to change their passwords.

 

Well, if you'd like to know if that enterprise app that you are using is safe or not, just sign up for a free scan with us and we'll tell you whether you'd be affected by it or not,

As for businesses and app developers, mobile app threats are becoming common and are crossing boundaries. So, keep your consumer's data safe by making sure your app is secured before you face any attempt to hack.

Microsoft Microsoft Outlook Outlook App Ban cloud cloud security mobile app mobile security security

Published on Feb 13, 2015
Harshit Agarwal
Written by Harshit Agarwal
Harshit Agarwal is the co-founder and CEO of Appknox, a mobile security suite that helps enterprises automate mobile security. Over the last decade, Harshit has worked with 500+ businesses ranging from top financial institutions to Fortune 100 companies, helping them enhance their security measures.
Beyond the tech world, Harshit loves adventure. When he's not busy making sure the digital realm is safe, he's out trekking and exploring new destinations.
Author Website

Similar Blogs

5 Key Reasons Why Banks Must Adopt Automated Mobile App Security Testing
Aug 21, 2018

5 Reasons Why Banks Must Adopt Automated Mobile App Security Testing

In this article, we take a look at how automated mobile app security testing help keep banks secure and also help them ...

View Blog
Almost All Of The Mobile Apps You Use Have Been Hacked
Feb 5, 2015

Almost All Of The Mobile Apps You Use Have Been Hacked!

There was a time apps brought a lot of value to smart phone, whereas today, within less than a decade of their ...

View Blog
Must Read Websites for Mobile App Developers
Apr 14, 2015

Must Read Websites for Mobile App Developers

The app development industry is a huge industry and no wonder that many mobile app developers are dying hard to be a ...

View Blog

Questions?

Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now

Appknox is the worlds most powerful plug and play security platform which helps Developers, Security Researchers and Enterprises to build a safe and secure mobile ecosystem using a system plus human approach to outsmart smartest hackers.

Subscribe to our newsletter
Get Started
Product
Vulnerability Assessment Tools
Penetration Testing Tools
Resources
Compare
We are loved! Our reviews say it all!

Copyright © 2024 Appknox, Xysec Labs