Vulnerability identifier: #VU131
Vulnerability risk: High
Exploitation vector: Network
Exploit availability: No
A remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Outlook. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
To resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Vulnerable software versions
Microsoft Outlook: 2010 Service Pack 2 - 2016
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.