PT-2024-6169 · Microsoft · Outlook

Francesco Benvenuto · Published 2024-04-16 · Updated 2025-08-22 · CVE-2024-42220

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Microsoft Outlook version 16.83.3 for macOS

Description

The issue is related to a library injection vulnerability in Microsoft Outlook for macOS. This vulnerability allows a specially crafted library to leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability, making use of the vulnerable application's permissions. The vulnerability is associated with errors in cryptographic signature verification. It has been reported that this issue is being actively exploited.

Recommendations

For Microsoft Outlook version 16.83.3 for macOS, consider disabling the use of external libraries until a patch is available to prevent potential exploitation. Restrict access to the vulnerable library injection mechanism to minimize the risk of permission bypass. Avoid using the application with elevated privileges until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Improper Verification of Cryptographic Signature

Related Identifiers

BDU:2024-07089
CVE-2024-42220

Affected Products

Outlook