Native Data Protection

Microsoft Closes Outlook Copy-On-Write Flaw with Exchange Online Fix

by Tony Redmond

Microsoft fixed the copy-on-write bug in Outlook for Windows in Exchange Online. The fix stops users removing attachments from sent or received messages. A strong case can be made that the fix should have been present from the start to stop any possibility that clients could comprise Exchange Native Data Protection. Microsoft doesn't think many people were affected and they could be right, but that doesn't make the problem any easier to swallow.

Outlook Flaw Compromises Exchange Online Native Data Protection

by Tony Redmond

A bug in Outlook desktop's implementation of the MAPI over HTTP protocol allows users whose mailboxes are on hold to remove attachments from messages. The removal is not captured by the copy-on-write feature of Exchange Online Native Data Protection, which potentially compromises the ability of Data Governance managers or eDiscovery investigators to recover information needed for compliance purposes. All in all, it's a mess that Microsoft needs to clean up quickly.

Download this eBook!

External Sharing and Guest User Access in Microsoft 365 and Teams

his eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure. The eBook will also outline some of the major decision points across four general-purpose guest access policy scenarios for how an organization can set this up with standard licensing.

Download Now

Sponsored By