On Apr 11, 2018, Microsoft released updates to address a security gap in the Microsoft Outlook. The gap allows an attacker to send a maliciously crafted email to steal the "hashed" password of the email recipient. An attacker with a hashed password can try to guess the actual password.
The stronger your password; the more complex the hash; the less likely for the attacker will be successful.
Thus, Information Security recommends the following:
1. Run Windows Update to keep your computer up-to-date and close the vulnerability.
2. Choose a strong password to ensure that your hashed password is extremely difficult to break. A passphrase (a password with 15 or more characters) is an example.
3. Don't click on any link unless you can trust the sender. This tip applies to all emails.
More info:
CVE-2018-0950 | Microsoft Office Information Disclosure Vulnerability