Microsoft beefs up Outlook-to-Hotmail security
Adds HTTPS support to Outlook Hotmail Connector tool for Windows
Computerworld - Microsoft on Thursday boosted the security of a tool that lets Outlook users send and receive messages through the company's Web-based Hotmail service.
The new Outlook Hotmail Connector supports HTTPS, a protocol that encrypts all traffic between the email client and the Windows Live Hotmail service.
Microsoft added an all-HTTPS option to Hotmail in November 2010, in part as a reaction to Firesheep, a Firefox add-on released the month earlier that let anyone scan an unsecured Wi-Fi network and hijack others' access to Facebook, Twitter and a host of other services.
This week's update to Outlook Hotmail Connector is a follow-up to Microsoft's 2010 move.
"Using a connection with HTTPS helps you be even more confident that your account is safer from hijackers, and that your private information remains private," the Outlook team wrote on its official blog Thursday.
The new tool encrypts communication between Outlook and the Windows Live email, calendar and contacts services.
Google's Gmail beat Hotmail to the HTTPS punch by years.
Gmail users have had the option of encrypting all Gmail traffic since 2008, but in mid-January 2010, Google enabled HTTPS by default on the same day it accused Chinese hackers of breaking into its systems and trying to access the Gmail accounts of human rights activists who live in the country.
Microsoft has also updated the consumer-grade Windows Live Mail to support HTTPS. Unlike its Outlook Express predecessor, which was bundled with Windows XP, Windows Live Mail is an optional download for Vista and Windows 7.
Outlook Hotmail Connector can be downloaded in 32-bit and 64-bit versions for Outlook 2003, 2007 and 2010 on Windows. There is no similar tool for Outlook 2011, the email program included with Office for Mac 2011.
The Windows Live Essentials update -- which includes the HTTPS-enabled Windows Live Mail -- is also available on Microsoft's download website.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Read more about Application Security in Computerworld's Application Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Riverbed Stingray Application Firewall: Securing Cloud Applications with a Distributed Web Application Firewall Responsibility over IT security is moving away from the network and IT infrastructure and to the application and software architecture itself. IT organizations...
- Web Application Firewalls--Laying the Myths to Rest This paper addresses some of the myths about WAFs and outlines how businesses are optimizing their investment in protecting their ever-evolving web apps.
- PCI DSS Compliance in Cloud Environments This technology analysis addresses the challenges of the evolving cloud security landscape and how organizations can achieve PCI DSS compliance in cloud environments...
- Web Attack Survival Guide This guide will help you protect your organization from external threats targeting your high-value applications and data assets.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Application Security White Papers | Webcasts