June 12, 2024 at 12:45PM
Microsoft addressed a critical remote code execution vulnerability in Outlook in its June 2024 Patch Tuesday updates. Tracked as CVE-2024-30103, it lets an attacker bypass Outlook's registry block lists and plant a malicious DLL that executes as soon as the crafted email is opened. Because no link click or attachment launch is needed, the bug is a zero-click initial-access vector and the client-side update should be applied immediately.
Microsoft's advisory confirms that CVE-2024-30103 allows remote code execution (RCE) without user interaction beyond opening the message, which makes it a significant threat. The flaw affects Microsoft Office 2016 (Outlook), Office LTSC 2021, Microsoft 365 Apps for Enterprise, and Office 2019, and successful exploitation could lead to data exfiltration, unauthorized system access, and follow-on malicious activity on the victim's workstation.
Morphisec, the cybersecurity firm that discovered and reported the bug, emphasizes its severity: an attacker can execute arbitrary code with the privileges of the logged-on user, which for a local administrator amounts to a full system compromise. Morphisec also warns that the exploit can be spread from one user to the next by email, with each recipient compromised simply by opening the message, so the potential for mass exploitation inside an organization is high.
Given the imminent threat, Microsoft has shipped fixes for this and several other remote code execution vulnerabilities across its products in the same update cycle. Users and administrators are strongly advised to update their Outlook and Office clients as soon as possible to mitigate the risk of exploitation. Morphisec plans to release full technical details and a proof-of-concept (PoC) exploit at the DEF CON conference in August, after which exploitation attempts should be expected to increase.
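The following PowerShell script is an added example, not code from the original article or from Morphisec or Microsoft. It reports the installed Click-to-Run Office build, compares it with a minimum patched build, and triggers the Office updater if the machine is behind. The `$MinimumBuild` value is an assumption: look up the build for your update channel in Microsoft's June 11, 2024 Office release notes before relying on it, since each channel (Current, Monthly Enterprise, Semi-Annual) has its own patched build number.

```powershell
# Added example (not from the original article, Morphisec, or Microsoft).
# Check whether this machine's Click-to-Run Office install carries the June 2024
# security update (which includes the CVE-2024-30103 Outlook fix) and, if not,
# ask the Click-to-Run client to update.

# ASSUMPTION: minimum patched build for the Current Channel as of June 11, 2024.
# Replace with the build listed for YOUR channel in Microsoft's release notes.
$MinimumBuild = [version]'16.0.17628.20144'

$c2rKey = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
if (-not (Test-Path $c2rKey)) {
    Write-Warning 'No Click-to-Run Office installation found. For MSI-based Office 2016/2019 (volume license) installs, apply the June 2024 Outlook security update via Windows Update or WSUS instead.'
    return
}

$cfg       = Get-ItemProperty -Path $c2rKey
$installed = [version]$cfg.VersionToReport   # e.g. 16.0.17628.20144

# Summarize the install so the result can be collected centrally.
$report = [pscustomobject]@{
    ComputerName  = $env:COMPUTERNAME
    Installed     = $installed
    Platform      = $cfg.Platform            # x64 / x86
    UpdateChannel = $cfg.UpdateChannel       # CDN URL that identifies the channel
    Patched       = ($installed -ge $MinimumBuild)
}
$report | Format-List

if (-not $report.Patched) {
    # OfficeC2RClient.exe is the Click-to-Run updater. forceappshutdown=true closes
    # Outlook and other Office apps so the update can complete unattended.
    $client = Join-Path $env:ProgramFiles 'Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe'
    if (Test-Path $client) {
        & $client /update user displaylevel=false forceappshutdown=true
    } else {
        Write-Warning "Updater not found at $client; update Office through the Account > Update Options menu or your management tooling."
    }
}
```

The build comparison is deliberately a simple version check against one channel's build; if you manage several channels, map `UpdateChannel` to the corresponding minimum build before comparing. For MSI-based Outlook 2016/2019 installs the Click-to-Run registry key does not exist, so those machines must be patched through Windows Update, WSUS, or Microsoft Update Catalog packages.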
Given the severity of this flaw and the confirmed history of zero-click Outlook bugs being exploited in the wild (CVE-2023-23397, the NTLM credential-leak flaw patched in March 2023, was abused by a state-sponsored actor before its fix shipped), organizations should prioritize patching their Outlook clients now rather than waiting for a public PoC to appear.