EU parliament bans the Microsoft mobile Outlook app

The experts at the IT Department of the EU parliament bans the Microsoft mobile Outlook app due to the recently disclosed privacy and security issues.

A few days ago I wrote about serious security issues for Microsoft mobile Outlook app, the researcher and Head of Development at midpoints GmbH and IBM Champion René Winkelmeyer published a blog post to warn about security issues in the newborn iOS Outlook app. According to the expert, the iOS Microsoft mobile Outlook app recently presented by the company, allows the it to access corporate emails and server credentials without user’s knowledge.

For this reason, the EU Parliament has blocked politicians from using the Microsoft mobile Outlook app in the wake of security and privacy concerns. The EU Parliament fears that members’ credentials could be exposed to a third party.

The DG ITEC, which is the IT department of the Parliament, has requested to the members of the EU Parliament to avoid the use of the application.

“Please do not install this application, and in case you have already done so for your EP corporate mail, please uninstall it immediately and change your password,” requested the DG ITEC,. 

The experts at DG ITEC also invited the staff to remove the app if installed and to reset corporate email passwords if it was used.

e1

Microsoft refused any claim, according to the Acompli firm that developed the mobile Outlook app before the acquisition by Microsoft, the service used credentials were “double-encrypted using a server per-account unique key” and a client device unique key meaning credentials could be unlocked only by the server and app at runtime.

A Microsoft spokesman explained that if customers have concerns though, they can follow guidance on Controlling Device Access on Microsoft TechNet to block the app and continue using the Outlook Web Access (OWA) for iOS and Android devices.

The EU Parliament isn’t the unique organization that blocked the Microsoft mobile Outlook app, also the University of Wisconsin-Madison and Delft Technical University banned the mobile app.

Let’s close the post highlighting a significant excerpt from the policy implemented by the software.

“… our service retrieves your incoming and outgoing email messages and securely pushes them to the app on your device [and] may be temporarily stored and indexed securely both in our servers and locally on the app on your deviceIf your emails have attachments and you request to open them in our app, the service retrieves them from the mail server, securely stores them temporarily on our servers, and delivers them to the app.”

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW

10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase

X