Endpoint Vulnerability

Microsoft Outlook Denial of Service Vulnerability

Description

A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server. The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.

Affected Products

Microsoft Outlook 2013 RT Service Pack 1,Microsoft Outlook 2013 Service Pack 1 (64-bit editions),Microsoft Outlook 2010 Service Pack 2 (64-bit editions),Microsoft Outlook 2013 Service Pack 1 (32-bit editions),Microsoft 365 Apps for Enterprise for 64-bit Systems,Microsoft Office 2019 for 64-bit editions,Microsoft Office 2019 for 32-bit editions,Microsoft 365 Apps for Enterprise for 32-bit Systems,Microsoft Outlook 2016 x86,Microsoft Outlook 2010 Service Pack 2 (32-bit editions)

References

CVE-2020-16949,