Описание
Microsoft Outlook Remote Code Execution Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.
According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?
An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.
If I am running Office 2016 (32-bit edition) or Office 2016 (64-bit edition, what do I need to do to be protected from this vulnerability?
To be protected, customers running Office 2016 need to install all the updates listed for their edition in the following tables.
For Office 2016 (32-bit edition):
| Product | Article | Download | Build Number |
|---|---|---|---|
| Microsoft Office 2016 (32-bit edition) | 5002537 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (32-bit edition) | 5002467 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (32-bit edition) | 5002522 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (32-bit edition) | 5002469 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (32-bit edition) | 5002519 | Security Update | 16.0.5435.1001 |
For Office 2016 (64-bit edition):
| Product | Article | Download | Build Number |
|---|---|---|---|
| Microsoft Office 2016 (64-bit edition) | 5002537 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (64-bit edition) | 5002467 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (64-bit edition) | 5002522 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (64-bit edition) | 5002469 | Security Update | 16.0.5435.1001 |
| Microsoft Office 2016 (64-bit edition) | 5002519 | Security Update | 16.0.5435.1001 |
Is the Preview Pane an attack vector for this vulnerability?
Yes, the Preview Pane is an attack vector.
How could the attacker exploit this vulnerability?
An attacker could craft a malicious link that bypasses the Protected View Protocol, which leads to the leaking of local NTLM credential information and remote code execution (RCE).
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Office 2016 (32-bit edition) | ||
| Microsoft Office 2016 (64-bit edition) | ||
| Microsoft Office 2019 for 32-bit editions | - | |
| Microsoft Office 2019 for 64-bit editions | - | |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | - | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | - | |
| Microsoft Office LTSC 2021 for 64-bit editions | - | |
| Microsoft Office LTSC 2021 for 32-bit editions | - |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
Microsoft Outlook Remote Code Execution Vulnerability
Уязвимость почтового клиента Microsoft Outlook, связанная с ошибками при обработке входных данных, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3