Bug in Microsoft Outlook allows hackers to steal information and take control of devices
02:12:00 | 28-03-2024

A critical vulnerability (CVE-2024-21413) exists in Microsoft Outlook that allows remote code execution (RCE), computer hijacking, spread viruses and steal sensitive information when users open emails with malicious links. The dangerous thing is that the code exploiting this vulnerability has appeared on the Internet, so the risk level for users will be higher.

Affected by this vulnerability is Outlook software in Microsoft Office LTSC 2021 and Microsoft 365 Apps for business, Microsoft Outlook 2016, and Microsoft Office 2019 suites.

According to Bkav experts, this vulnerability affects many users and is very dangerous because only minimal user interaction of viewing emails in the preview pane is enough to trigger the error.

To minimize the risk of attack, Outlook users should be cautious about unfamiliar emails, set strong passwords for computer accounts and quickly update patches for CVE-2024-21413.