This bug lets cybercriminals steal their username and password.
The vulnerability also affects Microsoft’s Outlook software, and attackers can take advantage of it to steal Windows login credentials.
A hacker can get access to this sensitive information by convincing a victim to preview a rich text e-mail containing remotely hosted OLE objects.
The vulnerability doesn’t require any additional interaction with the user.
Microsoft developed the technology OLE. It allows embedding and linking to documents and other objects.
Furthermore, The vulnerability was first reported back in November 2016.
But it has taken Microsoft more than a year to fix the issue.