virus logo Intrusion Prevention

MS.Outlook.CVE-2024-21413.Remote.Code.Execution

description-logoDescription

This indicates an attempt to exploit a Remote Code Execution vulnerability in Microsoft Outlook.
The vulnerability is due to the improper handling of specially crafted hyperlinks. A remote attacker could exploit this vulnerability to bypass Office Protected View, causing files to be opened in editing mode instead of protected mode. Successful exploitation may lead to arbitrary code execution within the context of the application.

affected-products-logoAffected Products

Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-06-11 28.804
Modified
 Default_action:pass:drop
2024-04-02 27.759
Modified
 Sig Added
2024-03-20 27.752
Modified
 Sig Added
2024-02-21 26.737
Modified
 Sig Added
2024-02-20 26.736
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413
ID 54685
Created Feb 19, 2024
Updated May 24, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 92.96%
Default Action drop
Active
Affected OS Windows
Affected App MS_Office
Profile Type Code Injection