"Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File"
"Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File"
Researchers have detailed two security flaws in Microsoft Outlook that, when exploited together, enable attackers to execute arbitrary code on impacted systems without requiring user interaction. They can both be triggered using a sound file. One of the flaws, tracked as CVE-2023-35384, is the second patch bypass discovered by Akamai researchers for a critical privilege escalation vulnerability in Outlook that Microsoft first patched in March.