CVE-2018-0793

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions 2007 through 2013

Description A remote code execution issue exists due to the way Microsoft Outlook parses specially crafted email messages. This could allow a remote attacker to execute arbitrary code if a user opens a specially crafted file with an affected version of Microsoft Outlook. The exploitation of this issue requires a user to open a maliciously crafted file, potentially allowing the attacker to take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Outlook 2007, update to a version that includes the fix for this issue. For Microsoft Outlook 2010, update to a version that includes the fix for this issue. For Microsoft Outlook 2013, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of affected versions of Microsoft Outlook to parse email messages until a patch is available.