Critical-risk tools in Outlook
4 of the 51 tools in Outlook are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
OUTLOOK_DELETE_CONTACTDestructivePermanently deletes an existing contact, using its `contact_id` (obtainable via 'List User Contacts' or 'Get Contact'), from the Outlook contacts of the user specified by `user_...
-
OUTLOOK_DELETE_EMAIL_RULEDestructiveDelete an email rule
-
OUTLOOK_DELETE_EVENTDestructiveDeletes an existing calendar event, identified by its unique `event_id`, from a specified user's Microsoft Outlook calendar, with an option to send cancellation notifications to...
-
OUTLOOK_DELETE_MAIL_FOLDERDestructiveDelete a mail folder from the user's mailbox. Use when you need to remove an existing mail folder.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.