The Information Highway

The Information Highway

Font size: +
2 minutes reading time (326 words)

New Microsoft Outlook client vulnerability

Threat update

A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. 

Technical Detail and Additional Info

What is the threat?

CVE-2024-30103 allows attackers to run arbitrary code without any interactions by the users. Once the malicious email is opened, it triggers a buffer overflow, which allows the attacker to execute arbitrary code with the same privileges as the user running Outlook. This can lead to a full system compromise, data theft, or further propagation of malware within a network. 

Why is it noteworthy?

The attack complexity of this vulnerability is low and exploitation over the network is possible. When the recipient opens the malicious email, the exploit is triggered. The attacker would need to be authenticated using valid Exchange user credentials. From there, attackers would need to find a privilege escalation flaw to take over a system fully. 

What is the exposure or risk?

Many email users utilize Outlook to read their emails. Outlook 2016, Office LTSC 2021, 365 Apps for Enterprise, and Office 2019 are affected. This vulnerability is severe due to its zero-click nature. Opening the malicious email in Outlook's preview pane is all that is needed to allow an attacker access to the network. This is extremely dangerous for accounts using Microsoft Outlook's auto-open email feature. This could lead to data breaches, unauthorized access to systems, and other malicious activities. 

What are the recommendations?

 LBT Technology Group recommends the following actions to limit the impact of this Outlook RCE vulnerability:

  • Install Microsoft's June Patch Tuesday security updates.
  • Use email filtering and monitoring solutions to help detect and block malicious emails before they reach end-users.
  • Report any suspicious emails with malicious attachments or unexpected content in the preview pane to your IT department.

References

CISA warns of Windows bug exploited in ransomware ...
Insurance giant Globe Life investigating web porta...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Saturday, 28 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023