Endpoint Vulnerability

Microsoft Outlook Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Affected Products

Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Outlook 2007 Service Pack 3,Microsoft Outlook 2010 Service Pack 2 (32-bit editions),Microsoft Outlook 2010 Service Pack 2 (64-bit editions),Microsoft Outlook 2013 RT Service Pack 1,Microsoft Outlook 2013 Service Pack 1 (32-bit editions),Microsoft Outlook 2013 Service Pack 1 (64-bit editions),Microsoft Outlook 2016 x64,Microsoft Outlook 2016 x86

References

CVE-2018-0791,