Microsoft on Thursday released an updated version of Outlook for Android that patches an important security flaw in the email app, which could have potentially led to spoofing attacks, Hacker News reported. Outlook for Android has been downloaded more than 100 million times on the Play Store. According to an advisory from Microsoft, the vulnerability was related to how Outlook for Android parses specifically crafted email messages. Microsoft's advisory said, "An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user. The security update addresses the vulnerability by correcting how Outlook for Android parses specially crafted email messages." The company said the flaw was independently reported by five security researchers, and that it was not aware of any actual attacks related to this issue. Other flaws found recently in Android apps Last week, a security flaw in the ‘Shot on OnePlus’ app caused OnePlus to leak the email addresses and other personal information of hundred of its users. 9to5Google said it discovered the “somewhat major” vulnerability in the API OnePlus uses for the app a couple of months ago, and that the company had already fixed it. It said it was unclear for how long users’ data had been leaking in this way, but believed it had been happening since the launch of the ‘Shot on OnePlus’ app many years ago. In May, WhatsApp confirmed…
