Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability (www.infosecurity-magazine.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 11 Jul 2024 17:10
https://sh.itjust.works/post/22108315

Morphisec, who discovered the flaw and published an advisory about it on July 9, has urged Microsoft to reclassify the vulnerability as “Critical” to reflect the higher estimated risk and ensure adequate mitigation efforts.

The security firm agreed with Microsoft that this RCE is more complex than CVE-2024-30103, making immediate exploitation less likely. However, combining it with another vulnerability could simplify attacks.

#cybersecurity

threaded - newest

vk6flab@lemmy.radio on 16 Jul 2024 07:33 collapse

Wow it’s … checks calendar … a day with “y” in it … and another Microsoft vulnerability is revealed.