Endpoint Vulnerability

Microsoft Office Outlook Memory Corruption Vulnerability

Description

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Affected Products

Microsoft Office 2010 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2010 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Outlook 2007 Service Pack 3,Microsoft Outlook 2010 Service Pack 2 (32-bit editions),Microsoft Outlook 2010 Service Pack 2 (64-bit editions),Microsoft Outlook 2013 RT Service Pack 1

References

CVE-2017-8663,