Threat Encyclopedia

MS.Office.Outlook.CVE-2017-11774.Security.Bypass

Description

This indicates an attack attempt against a Security Bypass vulnerability in Microsoft Office Outlook.
The vulnerability is caused by improper input handling on the vulnerable software. An attacker can exploit this to maliciously configure the software and bypass the security features when loading the application.

Affected Products

Microsoft Outlook 2016 (64-bit editions)
Microsoft Outlook 2016 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 0
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 0
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2010 (64-bit editions) Service Pack 2
Microsoft Outlook 2010 (32-bit editions) Service Pack 2

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774

CVE References

CVE-2017-11774