Outlook: Read-only access to contacts within a PST file in new Outlook for Windows
🚨 The Signal: New Outlook for Windows now supports read-only access to contacts within PST files. This expands the attack surface for data exfiltration and introduces new vectors for malware delivery via legacy data formats.
The Impact
All users are affected by the increased risk of data exfiltration and malware from legacy PST files.
- End users face increased risk of malware infection from malicious PST files.
- Security teams must manage new data exfiltration vectors via PST content.
- Admins need to consider new data governance challenges for legacy data.
- Organisations face potential compliance issues with unmanaged PST data.
The Action
- Review and update data retention policies for PST files.
- Implement or reinforce data loss prevention (DLP) policies for PST content.
- Educate users on the risks associated with opening untrusted PST files.
- Consider migrating critical data from PSTs to modern M365 storage.
- Monitor for unusual access patterns to PST files using Microsoft Purview Audit.
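
The retention, DLP and migration actions above all depend on knowing where PST files live. The following added example (not part of the original notice and not Microsoft tooling) inventories a directory tree by PST header rather than by file extension; the function names are hypothetical, the header offsets are assumed from the [MS-PST] HEADER structure, and the sample files are constructed stubs.

```python
import os
import struct
import tempfile

# Header fields per the [MS-PST] HEADER structure (assumed here, not from the page)
PST_MAGIC = b"!BDN"      # dwMagic at offset 0
CLIENT_MAGIC = b"SM"     # wMagicClient at offset 8


def classify_pst(path):
    """Return 'ANSI', 'Unicode' or 'unknown-version' for a PST header, else None."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(12)
    except OSError:
        return None  # unreadable or locked file
    if len(head) < 12 or head[:4] != PST_MAGIC or head[8:10] != CLIENT_MAGIC:
        return None
    (w_ver,) = struct.unpack_from("<H", head, 10)  # wVer at offset 10
    if w_ver in (14, 15):
        return "ANSI"
    return "Unicode" if w_ver >= 23 else "unknown-version"


def inventory(root):
    """Walk root and return one record per file that carries a PST header."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            fmt = classify_pst(path)
            if fmt is not None:
                st = os.stat(path)
                found.append({"path": path, "format": fmt, "bytes": st.st_size,
                              "mtime": int(st.st_mtime),
                              "renamed": not name.lower().endswith(".pst")})
    return sorted(found, key=lambda r: r["path"])


def make_sample_tree():
    """Constructed sample data: 12-byte header stubs, not real mailboxes."""
    root = tempfile.mkdtemp()
    stubs = {"archive2009.pst": PST_MAGIC + b"\0" * 4 + CLIENT_MAGIC + struct.pack("<H", 14),
             "backup.dat": PST_MAGIC + b"\0" * 4 + CLIENT_MAGIC + struct.pack("<H", 23),
             "notes.pst": b"plain text"}  # .pst name without a PST header
    for name, data in stubs.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root
```

Calling `inventory()` on a user profile or file share root yields path, format, size and last-modified time for each PST, which is the input a retention review or migration plan needs; the `renamed` flag marks PST content stored under another extension.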
Domain: M365-Apps · Impact: high · Workload: M365 Apps