vulnerability

CVE-2020-1229: Microsoft Outlook Security Feature Bypass Vulnerability [Office for Mac]

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Jun 9, 2020	Jun 9, 2020	Oct 11, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Jun 9, 2020

Added

Jun 9, 2020

Modified

Oct 11, 2022

Description

A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted system to the attacker.
Exploitation of the vulnerability requires that a user open a specially crafted image with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted image to the user.
The update addresses the vulnerability by changing how remote images are processed in Outlook.

Solutions

office-for-mac-upgrade-16_16_23office-for-mac-upgrade-16_38_0

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today