Microsoft fixes dangerous zero-click Outlook remote code execution exploit
- by nlqip
“An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files,” the company said.
The arbitrary code execution occurs with the privileges of the current user, so, in order to fully take over a system, attackers would have to combine it with a privilege escalation flaw. The researchers who found this vulnerability claim to have found a second one that will be included in their DEF CON presentation, but which has not been patched yet.
Attackers have exploited Outlook vulnerabilities before in the wild, as email is the primary vector for distributing malware. Even APT groups have exploited Outlook flaws before including zero-click ones.
Source link
lol
“An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files,” the company said. The arbitrary code execution occurs with the privileges of the current user, so, in order to fully take over a system, attackers would have to combine it with a privilege escalation…
Recent Posts
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage
- This Windows PowerShell Phish Has Scary Potential – Krebs on Security
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
- Tor says it’s “still safe” amid reports of police deanonymizing users