vulnerability
Microsoft CVE-2017-11774: Microsoft Outlook Security Feature Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Oct 10, 2017 | Oct 10, 2017 | May 3, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Oct 10, 2017
Added
Oct 10, 2017
Modified
May 3, 2022
Description
A security feature bypass vulnerability exists when Microsoft Outlook improperly handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince users to open the document file and interact with the document.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
Solutions
msft-kb4011178-16159336-3f53-458f-8e9c-948709d9724emsft-kb4011178-ac110aed-99e2-4992-ab19-ac6131059d71msft-kb4011196-a9a80c38-6a98-45b6-9d87-bc737c0f9c0fmsft-kb4011196-e2174c2c-2215-4d1f-a218-0ce4d3e3c3a9
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.