Been there, done that ...
Let me hazard a guess, a "latent defect"?
Microsoft says its Outlook desktop client is suffering serious “email visibility issues” today, with a fix yet to be rolled out. Users have reported either whole emails missing, chunks of data gone, or just seeing the first line of messages. Folks can use the web or mobile client of Outlook, or the Windows desktop client in " …
This is for the Office 365 versions of the desktop software, they are designed to constantly update themselves and are the software option that MS is pushing.
For example if you work somewhere that has the Office 365 E3 or above (or Education equivalent) each user gets 5 licenses to install the desktop suite, but only of the automatically updating version.
Windows still doesn’t have proper per-process privilege confinement, meaning a compromise of Exchange is often a compromise of the whole OS and eventually the domain, because once an attacker has gotten that far, they can use the bloated bloated privilege set (rights) they’ve obtained to do almost anything.
Microsoft won’t fix this dumpster fire because they have cloud solutions to push. Businesses won’t dump Exchange because the alternatives aren’t seamless enough and folks like me will never be able to apply proper proactive security fixes for these environments to prevent compromises in the first place.... because the necessary tools don’t exist.
Linux has seccomp-bpf, namespaces, TOMOYO/SELinux/AppArmor and a whole ton of nice per-process ways to limit what an attacker can do. Windows has a handful of exploit mitigation flags which they don’t even apply to key services by default even when there’s no negative impact in doing so... not to mention way too many processes running as SYSTEM...
Seriously... Windows is fantastic on the desktop but terrible for servers!
"Users have reported either whole emails missing, chunks of data gone, or just seeing the first line of messages."
Getting rid of most email content. One small step for mankind. This seems a good first step, but the implementation seems to need a bit of refinement. MS probably should have done a bit of beta-testing before rolling it out to everyone.
No idea about <INV> tags - but frantic googling around found similar issues with having an AVG plugin installed (I didn't) and disabling graphics accelleration both producing similar effects (at least from text descriptions).
As to this instance actuallly being about INV tags, unless their initial patch inserted it into every single email both in POP3 emails in local PST files and in IMAP emails still on a Google server (which didn't present and unsupported tags when viewed in a web interface), and then their backout stripped them all out again. If such things were inserted, it was by the client software, not the mail server
Biting the hand that feeds IT © 1998–2022