Tuesday, May 6, 2025
HomeCVE/vulnerabilityOutlook Users Beware 0-Day Exploit Released On Hacking Forums

Outlook Users Beware 0-Day Exploit Released On Hacking Forums

Published on

SIEM as a Service

Follow Us on Google News

Outlook has identified a security flaw that affects how it handles certain hyperlinks. 

Malware actors actively exploit the vulnerability in real-world attacks.

The assigned CVE number for this vulnerability is CVE-2024-21413, with a severity rating of 9.8 (Critical).

- Advertisement - Google News

Microsoft has successfully resolved the vulnerability in question and implemented the fix in their February 2024 Patch Tuesday release.

In case of successful exploitation of the vulnerability, a malicious actor can bypass the protected view of Office and open a file in editing mode instead of the protected mode.

Outlook 0-Day RCE Flaw

According to the Checkpoint report, if the hyperlink starts with http:// or https://, Outlook uses Windows’s default browser to open the URL.

If there are additional protocols, such as the “Skype” URL protocol, clicking on the hyperlink will trigger a security warning.

In other cases, like the “file://” protocol, Outlook did not display a warning dialog box.

A slight modification in the “file://” protocol link bypasses the previously shown security restriction and proceeds to access the resource.

According to experts, utilizing this particular resource involves utilizing the SMB protocol.

However, this protocol has a flaw where it inadvertently reveals the local NTLM credentials during the access process.

Exploit on Hacking Forums

The Daily Dark Web recently reported that specific hacking forums have been discussing an exploit for CVE-2024-21413.

This exploit allows attackers to access NTLM information and execute remote code.

The vulnerability can exploit the Office Protected View and use it as a means of attack to target other Office applications.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...