PT-2020-3794 · Microsoft · Outlook

Published 2020-08-11 · Updated 2024-07-03 · CVE-2020-1493

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook versions prior to the fixed version
Description: An information disclosure issue exists when attaching files to Outlook messages, potentially allowing users to share attached files with anonymous users, even when they should be restricted to specific users. This could be exploited by an attacker sending an email with a file attached as a link, thereby ignoring default organizational settings. The issue arises from how Outlook handles file attachment links.
Recommendations: To resolve the issue, apply the security update that corrects how Outlook handles file attachment links. As a temporary workaround, consider avoiding the use of file attachment links in Outlook until the update is applied. Restrict access to sensitive files to minimize the risk of exploitation.

Exploit

Fix

Information Disclosure

Insecure Storage of Sensitive Information

Weakness Enumeration

Related Identifiers

BDU:2020-04156
CVE-2020-1493
ZDI-20-999

Affected Products

Outlook