Microsoft releases new update for Outlook users following discovery of zero-click threat
If you are a Microsoft user, you may be one of the 500 million Outlook users who may be at risk due to a significant zero-click remote code execution (RCE) vulnerability affecting most Microsoft Outlook applications. This vulnerability, now patched by Microsoft, did not require any authentication for trusted senders and one-click user interaction for untrusted senders. The company is advising you to act now to safeguard your accounts and are urged to update to the latest version to address this issue if you rely on the system for emails and calendars.
The CVE-2024-30103 vulnerability poses a major threat as it can be abused without any interaction from you. If exploited, the CVE-2024-38021 (Microsoft Outlook Remote Code Execution Vulnerability) could result in severe outcomes such as data breaches and unauthorized entry. Microsoft has classified this vulnerability as “Important” due to its seriousness. This zero-click vulnerability enables attackers to execute harmful code with the same privileges as you. By taking advantage of this loophole in Outlook, cybercriminals could obtain unauthorized access and cause damage to your accounts since no authentication is required on your part leading to widespread misuse.
Microsoft has responded to this issue by including a fix in the latest Patch update, despite no reported instances of exploitation by hackers. The update will be automatically distributed to the majority of laptops and desktop PCs, ensuring that users who have installed it are now protected.
To learn more about this topic click the links below.
Microsoft Issues Update For All Outlook Users As New Zero-Click Threat Revealed:
Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability:
https://www.infosecurity-magazine.com/news/microsoft-outlook-zero-click-rce/
Let’s be careful out there!
The PJ Networks Team
