Microsoft Outlook had a critical zero-click RCE vulnerability

Infosecurity Magazine — July 10, 2024, 05:00 PM UTC

A critical zero-click RCE vulnerability, CVE-2024-38021, was discovered in Microsoft Outlook, affecting most applications. Microsoft has patched the flaw, distinguishing trusted senders as zero-click and untrusted ones requiring one-click interaction. Morphisec urged Microsoft to reclassify the vulnerability as "Critical" due to higher risk. The flaw was reported on April 21, confirmed on April 26, and patched on July 9, 2024. Updating software and enhancing email security measures are crucial.

Article metrics

Significance5.8

Scale & Impact0.0

Positivity4.0

Credibility7.5

See today's significant news

With a significance score of 5.8, this news ranks in the top 1% of today's 18237 analyzed articles.

Get summaries of news with significance over 5.5 (usually ~10 stories per week). Read by 8000 minimalists.