Microsoft Boosts Outlook-to-Hotmail Security
Microsoft last week boosted the security of a tool that lets Outlook users send and receive messages through the company's Web-based Hotmail service.
The new Outlook Hotmail Connector supports HTTPS, a protocol that encrypts all traffic between the e-mail client and the Windows Live Hotmail service.
Microsoft added an all-HTTPS option to Hotmail in November 2010, in part as a reaction to Firesheep, a Firefox add-on released the month before that let anyone scan an unsecured Wi-Fi network and hijack others' access to Facebook , Twitter and a host of other services.
This week's update to Outlook Hotmail Connector is a follow-up to Microsoft 's 2010 move.
"Using a connection with HTTPS helps you be even more confident that your account is safer from hijackers, and that your private information remains private," the Outlook team wrote on its official blog Thursday.
The new tool encrypts communication between Outlook and the Windows Live e-mail, calendar and contacts services.
Google 's Gmail beat Hotmail to the HTTPS punch by years.
Gmail users have had the option of encrypting all Gmail traffic since 2008, but in mid-January 2010, Google enabled HTTPS by default on the same day it accused Chinese hackers of breaking into its systems and trying to access the Gmail accounts of human rights activists who live in the country.
Microsoft has also updated the consumer-grade Windows Live Mail to support HTTPS. Unlike its Outlook Express predecessor, which was bundled with Windows XP, Windows Live Mail is an optional download for Vista and Windows 7 .
Outlook Hotmail Connector can be downloaded in 32-bit and 64-bit versions for Outlook 2003, 2007 and 2010 on Windows. There is no similar tool for Outlook 2011, the e-mail program included with Office for Mac 2011.
The Windows Live Essentials update -- which includes the HTTPS-enabled Windows Live Mail -- is also available on Microsoft's download website.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org .
Read more about app security in Computerworld's App Security Topic Center.