Endpoint VulnerabilityMicrosoft Windows OLE CVE-2025-21298 Remote Code Execution Vulnerability
Description
Use After Free in Microsoft Outlook's OLE handling allows remote code execution via specially crafted emails, affecting multiple Outlook versions.
Affected Applications
Windows Server 2016
Windows 10
Windows Server 2008
Windows Server 2022
Windows Server 2012
Windows Server 2025
Windows 11
Windows Server 2019
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2026-04-05 | 1.00970 |
New
|
Windows Server 2016,Windows 10,Windows Server 2008,Windows Server 2022,Windows Server 2012,Windows Server 2025,Windows 11,Windows Server 2019 |
| 2025-01-14 | 1.00802 |
New
|
Windows Server 2016,Windows 10,Windows Server 2008,Windows Server 2022,Windows Server 2012,Windows Server 2025,Windows 11,Windows Server 2019 |
| ID | 83530 |
| Created | Apr 05, 2026 |
| Description Updated |
Apr 05, 2026 |
| CVE ID | |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows Server 2016 , Windows 10 , Windows Server 2008 , Windows Server 2022 , Windows Server 2012 , Windows Server 2025 , Windows 11 , Windows Server 2019 |