February 16, 2024. Specialists from Check Point officially announced a vulnerability they discovered back in November 2023, tracked as CVE-2024-21413, which they named the MonikerLink Bug.

This vulnerability is critical (CVSS 9.8) and can result in remote code execution (RCE) in Microsoft Outlook products. The risk occurs upon opening an email that contains malicious links. With just a click on the link, an attacker can obtain the user’s NTLM hash and execute malicious code embedded in a prepared Office document.

Since the MonikerLink Bug creates an attack vector through the Windows/COM ecosystem, similar attack vectors may be found in other software. With the Intruforce service, such vulnerabilities can be identified and eliminated before hackers exploit them.

Solution:
To protect your infrastructure, install the critical Outlook update released by Microsoft in February as soon as possible.

Technical Details:
Critical vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
