Microsoft Fixed High-Risk Security Vulnerability CVE-2024-3802 in July

TapTechNews July 12th news, Microsoft Corporation released a security patch in July, fixing the high-risk security vulnerability with the tracking number CVE-2024-3802 and urging users to install and deploy it as soon as possible.

The vulnerability was discovered by the cyber security team Morphisec in April this year, which is considered to affect 500 million Outlook users and covers most Outlook versions, and can execute remote code without the need for user click interaction. Its CVSS3.1 base score is 8.8, and the temporal score (reflecting the impact of the vulnerability over time without being affected by the environment) is 7.7.

TapTechNews note: The Morphisec team said that in the worst-case scenario, hackers can use this vulnerability to access user data, execute malicious code, steal confidential data, and so on.

Due to the lack of user authentication, this vulnerability is particularly dangerous and needs to be resolved first. Microsoft initially classified this vulnerability as high (High) risk, but thought that the vulnerability could only be exploited in certain circumstances, while experts believe it should be regarded as critical (Critical).