vulnerability
Microsoft CVE-2017-11774: Microsoft Outlook Security Feature Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Oct 10, 2017 | Oct 10, 2017 | May 3, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Oct 10, 2017
Added
Oct 10, 2017
Modified
May 3, 2022
Description
A security feature bypass vulnerability exists when Microsoft Outlook improperly handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince users to open the document file and interact with the document.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
Solutions
msft-kb4011178-16159336-3f53-458f-8e9c-948709d9724emsft-kb4011178-ac110aed-99e2-4992-ab19-ac6131059d71msft-kb4011196-a9a80c38-6a98-45b6-9d87-bc737c0f9c0fmsft-kb4011196-e2174c2c-2215-4d1f-a218-0ce4d3e3c3a9
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.