Microsoft beefs up Outlook-to-Hotmail security
Adds HTTPS support to Outlook Hotmail Connector tool for Windows
Computerworld - Microsoft on Thursday boosted the security of a tool that lets Outlook users send and receive messages through the company's Web-based Hotmail service.
The new Outlook Hotmail Connector supports HTTPS, a protocol that encrypts all traffic between the email client and the Windows Live Hotmail service.
Microsoft added an all-HTTPS option to Hotmail in November 2010, in part as a reaction to Firesheep, a Firefox add-on released the month earlier that let anyone scan an unsecured Wi-Fi network and hijack others' access to Facebook, Twitter and a host of other services.
This week's update to Outlook Hotmail Connector is a follow-up to Microsoft's 2010 move.
"Using a connection with HTTPS helps you be even more confident that your account is safer from hijackers, and that your private information remains private," the Outlook team wrote on its official blog Thursday.
The new tool encrypts communication between Outlook and the Windows Live email, calendar and contacts services.
Google's Gmail beat Hotmail to the HTTPS punch by years.
Gmail users have had the option of encrypting all Gmail traffic since 2008, but in mid-January 2010, Google enabled HTTPS by default on the same day it accused Chinese hackers of breaking into its systems and trying to access the Gmail accounts of human rights activists who live in the country.
Microsoft has also updated the consumer-grade Windows Live Mail to support HTTPS. Unlike its Outlook Express predecessor, which was bundled with Windows XP, Windows Live Mail is an optional download for Vista and Windows 7.
Outlook Hotmail Connector can be downloaded in 32-bit and 64-bit versions for Outlook 2003, 2007 and 2010 on Windows. There is no similar tool for Outlook 2011, the email program included with Office for Mac 2011.
The Windows Live Essentials update -- which includes the HTTPS-enabled Windows Live Mail -- is also available on Microsoft's download website.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Read more about Application Security in Computerworld's Application Security Topic Center.
- The DDoS Threat Spectrum Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- How to Keep Company Assets Secure with Federated Identity and Access Management This Technology Spotlight discusses the growing need for security in today's cloud-based, mobile world of IT, and the rise of SaaS-based solutions.
- Security, Privacy and Trust in Email Management This white paper discusses a SaaS-based email management solution that delivers the security, continuity and archiving capabilities your organization demands.
- Unifying Secuirty Operations Agile enterprises know that the way to quickly identify and react to threats to the business is to break down operational siloes by...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Application Security White Papers | Webcasts