One of the vulnerabilities that Microsoft addressed as part of its June 2024 Patch Tuesday updates could be exploited to achieve remote code execution (RCE) without user interaction, Morphisec warns.
Tracked as CVE-2024-30103 (CVSS score of 8.8), the security defect allows attackers to bypass Outlook registry block lists and create malicious DLL files, Microsoft says in its advisory.
“Preview Pane is an attack vector,” the tech giant notes, adding that attack complexity is low and that exploitation over the network is possible. Outlook 2016, Office LTSC 2021, 365 Apps for Enterprise, and Office 2019 are affected.
While Microsoft rates the vulnerability as ‘important’, Morphisec, whose researchers discovered the bug, considers it ‘critical’, warning that attackers might soon start exploiting it specifically because it does not require user interaction.
“Rather, execution initiates when an affected email is opened. This is notably dangerous for accounts using Microsoft Outlook’s auto-open email feature,” the cybersecurity firm notes.
The RCE flaw, Morphisec says, could be exploited to exfiltrate data, gain unauthorized access to systems, and perform other malicious activities.
“This Microsoft Outlook vulnerability can be circulated from user to user and doesn’t require a click to execute,” Morphisec adds.
According to the cybersecurity firm, creating an exploit for this zero-click vulnerability is straightforward, which makes it susceptible to mass exploitation for initial access.
“Once an attacker successfully exploits this vulnerability, they can execute arbitrary code with the same privileges as the user, potentially leading to a full system compromise,” Morphisec says.
The company plans to release technical details and a proof-of-concept (PoC) exploit at the DEF CON conference this summer.
Users are advised to update their Outlook clients as soon as possible. Threat actors are known to have used zero-click Outlook exploits in attacks before.
On Tuesday, Microsoft released patches for over a dozen remote code execution vulnerabilities in its products, including a critical-severity flaw in Microsoft Message Queuing (MSMQ).
Related: New NTLM Hash Leak Attacks Target Outlook, Windows Programs
Related: Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE
Related: Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day
Related: Microsoft Expands List of Blocked File Types in Outlook on the Web