Microsoft fixes dangerous zero-click Outlook remote code execution exploit
- by nlqip
“An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files,” the company said.
The arbitrary code execution occurs with the privileges of the current user, so, in order to fully take over a system, attackers would have to combine it with a privilege escalation flaw. The researchers who found this vulnerability claim to have found a second one that will be included in their DEF CON presentation, but which has not been patched yet.
Attackers have exploited Outlook vulnerabilities before in the wild, as email is the primary vector for distributing malware. Even APT groups have exploited Outlook flaws before including zero-click ones.
Source link
lol
“An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files,” the company said. The arbitrary code execution occurs with the privileges of the current user, so, in order to fully take over a system, attackers would have to combine it with a privilege escalation…
Recent Posts
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
- How to reduce cyber risk during employee onboarding
- Germany seizes 47 crypto exchanges used by ransomware gangs
- Police dismantles phone unlocking ring linked to 483,000 victims
- Ahead Adds Former Google Cloud VP To Board To ‘Fuel’ AI, Hybrid Cloud