News

The Bat! is Resistant to Password Leak Attacks

Will Dormann, a security researcher from the CERT Coordination Middle (CERT/CC), discovered a vulnerability in Microsoft Outlook which allows hackers to steal users’ Windows passwords just by having them preview an email with a Rich Text Format (RTF) attachment that contained a remotely hosted OLE object. This way the intruders will get to know the users’ IP-address, domain name, hostname, username and password hash. In case the password is not strong enough hackers can easily crack it out of the hash. Ultimately, the attackers can take full control of these users’ computers. See the original Vulnerability Note VU#974272 dated April 10, 2018.

Users of The Bat! email program are always on the safe side as it never executes any code or hidden scripts embedded in email messages.

The Bat! is Resistant to Password Leak Attacks