Endpoint Vulnerability

Microsoft Outlook Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Affected Products

Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 for Mac,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions)

References

CVE-2018-0793,