Remote code execution via the preview pane could lead to privilege escalation.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has shared a critical alert highlighting the need to act on a newly disclosed vulnerability in certain Microsoft Outlook products.
The bug – currently tracked as CVE-2024-21413 – could allow a threat actor to use Outlook’s preview pane as an attack vector, leading to remote code execution and to an escalation of privileges that would let the actor read, write and delete data.
The vulnerability is present in the following Microsoft products:
One upside is that, as far as the ACSC has observed, this vulnerability is not currently being exploited.
Microsoft has mitigation advice for the bug, which is basically to install the updates listed in the company’s own vulnerability advisory. The advisory also goes into a little more detail about what makes this bug tick.
“An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality,” Microsoft said.
“An attacker could craft a malicious link that bypasses the Protected View protocol, which leads to the leaking of local NTLM credential information and remote code execution.”
That said, Microsoft rates exploitation of this bug as unlikely. Even so, it is better to be safe than sorry – follow the ACSC’s and Microsoft’s advice and update your software now.
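Microsoft's description above ties the bug to a crafted link that leaks local NTLM credentials. In general, a link in an e-mail can only cause an NTLM credential leak if following it makes the client authenticate to an attacker-controlled file share, which is why mail-gateway and triage tooling commonly flags `file://`, `smb://` and UNC (`\\host\share`) links in inbound messages. The following Python script is an added example of that generic defender-side check; it is not code from the article, the ACSC or Microsoft, and it says nothing about the specific link format used against CVE-2024-21413, which the article does not describe. The sample message is constructed for the example, and the set of link schemes treated as risky is an assumption you may want to extend for your environment.

```python
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message (not a real capture). It carries one ordinary
# https link, one file:// link and one bare UNC path; the latter two would
# make a client open an SMB connection to 203.0.113.10 if followed.
SAMPLE_EML = """From: sender@example.invalid
To: user@example.invalid
Subject: Invoice
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<html><body>
<p>See the <a href="https://intranet.example.invalid/invoice">invoice</a>.</p>
<p>Or open <a href="file://203.0.113.10/share/invoice.docx">the shared copy</a>.</p>
<p>Archive: \\\\203.0.113.10\\share\\old</p>
</body></html>
"""

# Link schemes that cause the client to authenticate to a remote file share.
# Assumption for this example; add others your mail clients resolve.
LEAK_SCHEMES = {"file", "smb"}

# A UNC path: two backslashes, a host, a backslash, then a share/path.
UNC_RE = re.compile(r"\\\\[^\s\\<>\"']+\\[^\s<>\"']+")


class _HrefCollector(HTMLParser):
    """Collects the href attribute of every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "a":
            return
        for name, value in attrs:
            if name.lower() == "href" and value:
                self.hrefs.append(value.strip())


def find_ntlm_leak_links(raw_message: str) -> list:
    """Return the links in an RFC 5322 message that point at a file share.

    Every text part of the message is inspected. HTML parts have their <a>
    hrefs checked by URL scheme; all text parts are additionally scanned for
    bare UNC paths, which need no scheme at all.
    """
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    def record(link):
        if link not in findings:
            findings.append(link)

    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_content()
        if part.get_content_subtype() == "html":
            collector = _HrefCollector()
            collector.feed(body)
            for href in collector.hrefs:
                scheme = urlsplit(href).scheme.lower()
                if scheme in LEAK_SCHEMES or href.startswith("\\\\"):
                    record(href)
        for unc in UNC_RE.findall(body):
            record(unc)
    return findings


if __name__ == "__main__":
    for link in find_ntlm_leak_links(SAMPLE_EML):
        print("file-share link found:", link)
```

Run against the constructed message, the script reports the `file://` href and the bare UNC path and ignores the `https://` link. In practice you would feed it messages from a quarantine or journaling mailbox and treat a hit from an external sender as a reason to hold the message for review, independent of whether the Outlook patch has been deployed.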
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.