T 3.61 Incorrect configuration of Outlook

Microsoft Outlook is an important part of the Microsoft Exchange system and constitutes the client component. The client being configured correctly is important for the overall security of the system.

Here, the following aspects should be mentioned in particular:

• The selection of the communication protocol may entail specific security problems. This is particularly applicable to the MAPI interface that was used to distribute a host of computer viruses and worms in the past.

• If a client computer is used by several users, a separate profile is created and stored for each user. This profile can be taken over by a colleague. Therefore, it is possible that the user account of a person is taken over without any authorisation of the system and the confidentiality of data may be affected adversely.

• If encryption and electronic signature are used on email level, e.g. based on S/MIME or PGP, it may be possible that the private key is compromised if it is stored locally. The confidentiality of data being affected adversely and the rights being taken over by third parties are possible consequences.
• If encryption is used on network level, e.g. by using IPSec, SSL, or TLS, this mechanism may become ineffective if the client is configured improperly.

• Misconfiguration of the Outlook email client may furthermore result in data being lost and the client being blocked. As a further consequence, an overflow may occur, meaning that the Exchange server is overloaded.

• If the automatic execution of dangerous file formats is restricted inappropriately in the Outlook client, viruses and other malware may penetrate the system or be distributed.

Calendar management and the task list are further parts of the Exchange/Outlook system not directly intended for processing the email correspondence, but rather for supporting the work flows in an organisation.

However, these areas may sometimes contain information as sensitive and worthy of protection as the information contained in electronic messages. Therefore, misconfiguration of these sub-systems will result in the following potential security problems:

• loss of confidentiality due to unauthorised access,
• loss of integrity of the information due to data manipulation (accidentally or deliberately),
• unauthorised adoption of the role and/or identity of another user, or
• loss of data and information due to improper data storage and a lack of backup mechanisms.