Akamai security researchers have provided more information regarding two already addressed vulnerabilities, tracked as CVE-2023-35384 and CVE-2023-36710, which could be jointly used to facilitate zero-click remote execution in Outlook, according to The Hacker News.
Attackers could deliver emails with malicious files or URLs redirecting to an Outlook client to exploit the first flaw which stems from MapUrlToZone function path parsing and is a bypass for the critical CVE-2023-23397 bug and enable the exposure of NTLM credentials, the Akamai report revealed. On the other hand, the second bug, which is a remote code execution issue in Windows Foundation Core and affects the Audio Compression Manager Component, stems from an integer overflow issue upon WAV file usage. "We managed to trigger the vulnerability using the IMA ADP codec. The file size is approximately 1.8 GB. By performing the math limit operation on the calculation we can conclude that the smallest possible file size with IMA ADP codec is 1 GB," said researcher Ben Barnea.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news