Tuesday, February 20, 2024

Outlook CVE-2024-21413 aka MonikerLink - Need to patch now

MS Security Update https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 

  1. For .msi install based - you can install standalone security patches to fix this vulnerability
  2. For O365/M365 user who is using click-to-run edition, assume you are domain joined machine, you need to deploy office GPO to enable auto update and run or deploy the command to run the whole office update. For example: "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe" /update user


 PoC - https://github.com/duy-31/CVE-2024-21413 
 https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability


Reference:
https://office-watch.com/2023/microsoft-office-update-one-click-force/
https://serverfault.com/questions/979000/update-office-without-opening-an-office-application
https://www.reddit.com/r/Office365/comments/1252ysz/office_2019_clicktorun_offline_updates/
https://windowsreport.com/outlooks-decades-old-vulnerability-allowed-for-catastrophic-attacks-without-any-user-interaction/
https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/
https://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 11:53 PM
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)