On 2020-09-28 09:36+1000, raf wrote:
> One reason is MFA. Where I work, we are often receiving
> emails from the hacked email accounts of our clients.

That would help some of the problems, I suppose. But a compromised copy 
of Outlook would still act as a spam mill once the login connection is 
established. I think what would happen is that between your login to 
exchange and getting 'a ok login' in response the MFA device needs to 
approve. Malware surely just waits a little longer, it would look like 
normal behaviour to someone who just started outlook, I would have 
thought.

I seem to remember Outlook being one of the more buggy mail clients. 
There was a nasty issue without Outlook Express that would execute code 
in mail headers prior to display. Unless my memory is wrong.

Exploitation doesn't go away with MFA, it might reduce some issues with 
compromised clients, but I think MFA is supposed to give some protection 
for that, unless you authorise the client connection.

I really don't know, and I'm trying to see sense. It seems like wilful 
look-in, there's avenues for alternatives with things like BYOD becoming 
commonplace, but then to enforce Outlook or Office 365 rubs me the wrong 
way.

Ed

Reply via email to