CVE-2024-21413: Critical MonikerLink Bug Vulnerability Allows for Remote Code Execution in Microsoft Outlook

Specialists from CheckPoint officially announced a vulnerability they discovered back in November 2023, identified as CVE-2024-21413, which they named the MonikerLink Bug.

This vulnerability is critical (CVSS 9.8) and can result in remote code execution (RCE) in Microsoft Outlook products. The risk occurs upon opening an email that contains malicious links. With just a click on the link, an attacker can obtain the user’s NTLM hash and execute malicious code embedded in a prepared Office document.

Since the MonikerLink Bug creates an attack vector through the Windows/COM ecosystem, similar attack vectors may be detected in other software. But using the Intruforce service, such vulnerabilities can be identified and eliminated before hackers exploit them.

Solution:
To protect your infrastructure, install the critical Outlook update released by Microsoft in February as soon as possible.

Technical Details:
Critical vulnerability.
CVSS: 3.1 / AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H

References:
CheckPoint Vulnerability Research Findings
Microsoft Security Response Center Report Link

CVE-2024-21413: Critical MonikerLink Bug Vulnerability Allows for Remote Code Execution in Microsoft Outlook

Relevant blog posts

American corporation MITRE was attacked through zero-day vulnerabilities

CVE-2024-23897: Critical Vulnerability in Jenkins Command Line Interface Access

CVE-2024-21591: Critical Junos OS Vulnerability Can Lead to Unauthenticated Remote Code Execution