Security Update for Microsoft Office (April 2017) (macOS)
High Nessus Plugin ID 99313
SynopsisAn application installed on the remote macOS or Mac OS X host is affected by a spoofing vulnerability.
DescriptionThe Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by a spoofing vulnerability in Microsoft Outlook due to improper validation of input passed via HTML tags. An unauthenticated, remote attacker can exploit this, by sending an email with specific HTML tags, to display a malicious authentication prompt and gain access to a user's authentication information or login credentials.
SolutionMicrosoft has released a patch for Microsoft Outlook for Mac 2011.