Key Findings: – Hyperlink Handling in Outlook: The research demonstrates that “file://” hyperlinks can be manipulated in a certain way which results in a bypass of the Outlook’s security measures such as Protected View. – The Vulnerability’s Impact: The #MonikerLink bug allows for a wide and serious impact, varying from leaking of local NTLM credential information to arbitrary code execution. This is due to the misuse of the Component Object Model (COM) on Windows, where Outlook incorrectly parses a specially crafted hyperlink to access COM objects. This process can bypass the Office Protected View, significantly increasing the risk of exploitation […]
The post Check Point Research Unveils Critical #MonikerLink Vulnerability in Microsoft Outlook with a 9.8 CVSS Severity Score appeared first on Check Point Blog.