We don’t normally post notices about current cyber security risks – that’s not the purpose of our blog and there are many other sites that track current vulnerabilities. However, this one is severe enough that we felt we should interrupt our normal blog cadence to let people know.

For most of the business world, Outlook is the application of choice for email. As with most software, security researchers find vulnerabilities in it, the software manufacturer is notified, and a patch is created.

In the world of cyber security, vulnerabilities are assigned a risk level up to 10 (10 being the worst), and this one scores a 9.8.

https://www.cyber.gc.ca/en/alerts-advisories/microsoft-outlook-zero-day-vulnerability-allowing-ntlm-credential-theft

In greatly simplified terms, if you use Outlook to receive email, a bad guy can take over your computer by sending you an email. There is no need to view the email, open the email, open an attachment, click on a link – none of the usual second steps normally required. Simply receiving the email gives the bad guy access.

How to fix it? Simply install all updates on your computer. If you haven’t done so, don’t wait.