CVE-2024-20670
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2024-20670 is a newly disclosed spoofing vulnerability affecting Outlook for Windows. Attackers can exploit this issue to manipulate email addresses in the display name, potentially deceiving users into revealing sensitive information or downloading malicious content. This vulnerability poses a significant risk to organizations and individuals who rely on Outlook for email communication. Microsoft is currently working on a patch to address this issue and users are encouraged to apply it as soon as it becomes available. Until then, it is recommended to exercise caution when opening emails from unfamiliar sources and to verify email addresses before taking any action.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Office Outlook
Affected Vendors
- Microsoft