8 matches found
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint
The increasing pervasiveness of cloud services in today’s work environments, accelerated by a crisis that forced companies around the globe to shift to remote work, is significantly changing how defenders must monitor and protect organizations. Corporate data is spread across multiple...
Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)
Attackers have a dirty little secret that is being used to conduct big intrusions. We’ll explain how they're "unpatching" an exploit and then provide new Outlook hardening guidance that is not available elsewhere. Specifically, this blog post covers field-tested automated registry processing for...
Microsoft Outlook Security Feature Bypass (CVE-2017-11774)
...
CVE-2017-11774
creationtimestamp| type| source ---|---|--- 2019-07-03 05:40:32+00:00| seen| MISP/5d1c3fa4-8548-43ed-931c-48ed950d210f 2019-07-03 08:22:13+00:00| exploited| https://t.me/informationsecuritychannel/29027 2019-07-03 19:40:21+00:00| exploited| https://t.me/BleepingComputer/5401 2019-07-04...
CVE-2017-11774
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."...
CVE-2017-11774
CVE-2017-11774 affects Microsoft Outlook clients (Outlook 2010 SP2, 2013 SP1/RT SP1, 2016) and enables code execution via Outlook home page/persistence vectors. The underlying issue is how Outlook handles in-memory objects, allowing an attacker to bypass security features and run arbitrary comman...
CVE-2017-11774
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka “Microsoft Outlook Security Feature Bypass Vulnerability.” Recent assessments: Assessed Attacker Value: 0 Assessed...
Microsoft Outlook 2010 Service Pack 2 Security Feature Bypass Vulnerability (KB4011196)
This host is missing an important security update according to Microsoft KB4011196 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...