
Security vulnerability in Microsoft Outlook allows attackers to gain access without opening a malicious email


A recent discovery of two additional confirmed Common Vulnerabilities and Exposures (CVEs) has raised concerns about the security of Microsoft Outlook. According to cybersecurity experts, these CVEs could potentially lead to full NTLM compromise, posing a significant risk to users. In an interview with CSO Online, cybersecurity researcher Gorelik emphasized the potential danger posed by these unpatched vulnerabilities.

One of the vulnerabilities, designated as CVE-2024-38173 by Microsoft, exposes a critical flaw in Outlook’s email preview function. This flaw allows malware delivered by email to be activated without the recipient even opening the message. This means that even unsuspecting users who do not use mail preview could still be at risk of malware activation. Corporate employees, in particular, are susceptible to such attacks as they are more likely to receive and open work-related emails.

Gorelik pointed out that the discovery of CVE-2024-38173 underscores a fundamental flaw in Outlook’s form-based architecture. Attackers with access to an account can craft and propagate a malicious form that evades detection due to a faulty deny list implementation. This means that cybercriminals can exploit this vulnerability to launch attacks without the need for recipients to interact with suspicious attachments or links. This new attack methodology poses a serious threat to the security of Outlook users.

The implications of these unpatched vulnerabilities are concerning, especially for organizations that rely on Outlook for communication and collaboration. The potential for full NTLM compromise could have far-reaching consequences, including unauthorized access to sensitive information and unauthorized control over accounts. Cybersecurity experts are urging users to remain vigilant and take steps to protect themselves from potential attacks.

It is crucial for Microsoft to address these vulnerabilities promptly and release patches to prevent exploitation by malicious actors. In the meantime, users are advised to exercise caution when interacting with email messages and to report any suspicious activity to their IT department. By staying informed and implementing best practices for cybersecurity, users can mitigate the risks posed by these vulnerabilities and protect their sensitive information from compromise.

Overall, the discovery of these CVEs serves as a reminder of the ever-evolving nature of cybersecurity threats and the importance of proactive measures to safeguard against potential attacks. As technology continues to advance, it is crucial for organizations and individuals alike to prioritize cybersecurity and stay informed about the latest threats in order to protect their digital assets and maintain a secure online environment.
