CVE-2024-21413 (Exploit Available)

Microsoft Outlook Remote Code Execution (Moniker Link)

🏭 Microsoft CWE-20 #RCE #Email #Windows #Zero-Click
9.8 Critical

Vulnerability Description

A critical vulnerability in Microsoft Outlook allows an attacker to bypass the Protected View security feature and execute arbitrary code via a malicious "Moniker Link" URL. Exploitation can occur by simply previewing a crafted email.

Recommended Mitigation

Apply the February 2024 Microsoft Security Update immediately. Enable Protected View. Consider deploying an OutlookSecureTemp policy via Group Policy.

Affected Products

Microsoft Outlook 2016
Microsoft Outlook 2019
Microsoft 365 Apps

Version constraint: Office 2016/2019/2021, Microsoft 365 (all channels before Feb 2024 patch)

Quick Facts

Published: 2024-02-13
Last Modified: 2024-02-15
Vendor: Microsoft
CWE: CWE-20
Exploit: ⚠️ Public Exploit Exists

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H