virus logo Intrusion Prevention

MS.Office.Outlook.CVE-2017-11774.Security.Bypass

description-logoDescription

This indicates an attack attempt against a Security Bypass vulnerability in Microsoft Office Outlook.
The vulnerability is caused by improper input handling on the vulnerable software. An attacker can exploit this to maliciously configure the software and bypass the security features when loading the application.

affected-products-logoAffected Products

Microsoft Outlook 2016 (64-bit editions)
Microsoft Outlook 2016 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 0
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 0
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2010 (64-bit editions) Service Pack 2
Microsoft Outlook 2010 (32-bit editions) Service Pack 2

Impact logoImpact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-06-03 28.799
Modified
 Sig Added
2019-10-24 14.710
Modified
 Default_action:pass:drop
2019-07-05 14.644
New

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774
ID 48144
Created Jul 05, 2019
Updated Jun 03, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 84.64%
Default Action drop
Active
Affected OS Windows
Affected App MS_Office
Profile Type Permission/Privilege/Access Control