It's 2018 and previewing an email can flash your privates at the world
Microsoft emitted a patch for all supported versions of Outlook on Patch Tuesday this month to prevent attackers harvesting credentials from users who simply preview a carefully crafted Rich Text (RTF) email. The vulnerability (CVE-2018-0950) exploited Outlook’s unfortunate habit of retrieving remotely hosted Object Linking and Embedding (OLE) content when previewing a RTF email. The Windows client was able to authenticate itself if that content was hosted on SMB/CIFS server. If the SMB server...