Security News > 2024 > February > New critical Microsoft Outlook RCE bug is trivial to exploit
![New critical Microsoft Outlook RCE bug is trivial to exploit](/static/build/img/news/new-critical-microsoft-outlook-rce-bug-is-trivial-to-exploit-medium.jpg)
Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View.
Unauthenticated attackers can exploit CVE-2024-21413 remotely in low-complexity attacks that don't require user interaction.
"An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality," Microsoft explains.
Microsoft updated the CVE-2024-21413 security advisory today to warn that this Outlook bug was also being exploited in attacks as a zero-day before this month's Patch Tuesday.
Citrix warns of new Netscaler zero-days exploited in attacks.
45k Jenkins servers exposed to RCE attacks using public exploits.
News URL
Related news
- Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw (source)
- PHP fixes critical RCE flaw impacting all versions for Windows (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers (source)
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (source)
- Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability (source)
- Microsoft: New Outlook security changes coming to personal accounts (source)
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-13 | CVE-2024-21413 | Unspecified vulnerability in Microsoft products Microsoft Outlook Remote Code Execution Vulnerability | 9.8 |