News Minimalist logo

News Minimalist

All news ranked by significance

Microsoft Outlook had a critical zero-click RCE vulnerability

Infosecurity Magazine July 10, 2024, 05:00 PM UTC

Summary: A critical zero-click RCE vulnerability, CVE-2024-38021, was discovered in Microsoft Outlook, affecting most applications. Microsoft has patched the flaw, distinguishing trusted senders as zero-click and untrusted ones requiring one-click interaction. Morphisec urged Microsoft to reclassify the vulnerability as "Critical" due to higher risk. The flaw was reported on April 21, confirmed on April 26, and patched on July 9, 2024. Updating software and enhancing email security measures are crucial.

Full article

Article metrics
Significance5.8
Scale & Impact0.0
Positivity4.0
Credibility7.5
What is this?

This is article metrics. Combined, they form a significance score, that indicates how important the news is on a scale from 0 to 10.

My algorithm scores 10,000 news articles daily, and creates a single significance-ordered list of news.

Read more about how I calculate significance, or see today's top ranked news on the main page:

See today's news rankings

Timeline:

  1. [3.8]
    Void Banshee APT used Windows zero-day to distribute malware (Help Net Security)
    93d 14h
    Source
  2. [4.7]
    Recent industry vulnerabilities prompt urgent patching and security measures (eSecurity Planet)
    94d 9h
    Source
  3. [5.2]
    Zero-click RCE vulnerability in Microsoft Outlook patched (CybersecurityNews)
    98d 17h

    ScoresSource
  4. [4.4]
    Threat actors exploited Windows 0-day for over a year (Ars Technica)
    99d 7h
    Source
  5. [3.4]
    Microsoft patches zero-day exploited for over a year (CVE-2024-38112) (Help Net Security)
    99d 16h
    Source
  6. [4.2]
    Microsoft fixes four zero-days in July Patch Tuesday (Infosecurity Magazine)
    99d 19h
    Source