Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8571: Microsoft Office Outlook Security Feature Bypass Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2017-8571: Microsoft Office Outlook Security Feature Bypass Vulnerability

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
07/27/2017
Created
07/25/2018
Added
07/27/2017
Modified
04/05/2021

Description

A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince a user to open the document file and interact with the document by clicking a specific cell.The update addresses the vulnerability by correcting how Microsoft Office Outlook handles input.

Solution(s)

  • msft-kb2956078-eaaded74-3a3a-41b7-89db-264be67478bc
  • msft-kb2956078-f4be28d1-a3d7-45dd-921d-358e9fe7fc1d
  • msft-kb3213643-772b5400-55fc-480e-93a3-8114a0a02c93
  • msft-kb4011078-071a470e-af7d-4a0f-bafa-c865c545e2b6
  • msft-kb4011078-91cc493a-52c2-4320-ba72-5bae967e421a

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;