PT-2025-1193 · Microsoft · Outlook+2
D4M0N
+2
·
Published
2025-01-14
·
Updated
2026-03-10
·
CVE-2025-21298
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Microsoft Outlook versions prior to the fixed version
Description
The vulnerability is a zero-click remote code execution (RCE) flaw in Microsoft Outlook, caused by a memory corruption issue in the UtOlePresStmToContentsStm function of the ole32.dll library. This function processes embedded OLE objects in RTF files. Exploitation requires only that a specially crafted email be sent to the victim; arbitrary code can then run on the victim's machine without any user interaction. The estimated number of potentially affected devices worldwide is not specified, but the vulnerability is considered critical due to its high severity and potential for remote code execution.
Recommendations
To resolve the issue, update Microsoft Outlook to the latest version, which includes the fix for this vulnerability. Additionally, consider implementing the following mitigation measures:
- Enable text-based preview of attachments in Outlook
- Block RTF files from untrusted sources
- Use antivirus software and SIEM systems to detect and prevent exploitation attempts
- Restrict remote access to vulnerable systems
- Educate users to avoid opening suspicious email attachments and to use plain text email viewing to minimize the risk of exploitation.
Exploit
Fix
RCE
Use After Free
Weakness Enumeration
Related identifiers
Affected products
Outlook
Windows
Windows Object Linking/Embedding