===================================================================== 

CERT-Renater 

Information Note No. 2024/VULN086
_____________________________________________________________________ 

DATE : 23/02/2024 

HARDWARE PLATFORM(S): / 

OPERATING SYSTEM(S): Systems running Microsoft Office 2016,
Microsoft Office 2019
and Microsoft Office LTSC 2021

===================================================================== 
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-005/ 
https://www.cve.org/CVERecord?id=CVE-2024-21413 
_____________________________________________________________________ 

Microsoft Outlook Remote Code Execution Vulnerability 

Summary:

The CVE-2024-21413 vulnerability affects the Office suite, including
the Outlook messaging solution. More specifically, its exploitation
bypasses certain security measures in the Office suite that prevent
access to an external resource without user validation.

Thus, by using a malicious link in an e-mail, an attacker is able to:
- obtain the user's NTLM digest, for example via the SMB protocol;
- if the target of the link is an Office document, cause the document
  to be opened without Microsoft Office's protected mode being
  activated, enabling remote execution of arbitrary code.
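
As an added example (not part of the original advisory, and not Microsoft or CERT-Renater tooling), the following Python code shows one way a mail gateway or triage script could flag links in an HTML e-mail body whose target is a remote file share, the kind of link that makes the client contact an external host over SMB. The sample message, host names and function names are constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; addresses and host names are placeholders.
SAMPLE_EML = r"""From: sender@example.org
Subject: Quarterly report
Content-Type: text/html; charset="utf-8"

<html><body><a href="https://intranet.example.net/report">Portal</a>
<a href="file://files.example.org/share/report.docx">Report</a>
<a href="\\files.example.org\share\notes.rtf">Notes</a></body></html>"""

class HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def remote_file_target(href):
    """Return the remote host a file/UNC link points at, else None."""
    h = href.strip().replace("\\", "/")
    if h.startswith("//"):            # UNC form \\host\share\...
        h = "file:" + h
    try:
        parts = urlsplit(h)
    except ValueError:                # unparseable target: not classified here
        return None
    if parts.scheme != "file":
        return None
    host = parts.hostname or ""
    if not host and parts.path.startswith("//"):   # file:////host/share form
        host = parts.path.lstrip("/").split("/", 1)[0].lower()
    return host if host and host != "localhost" else None

def scan_message(raw):
    """Return (href, host) for each HTML link that targets a remote share."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector = HrefCollector()
            collector.feed(part.get_content())
            findings += [(h, remote_file_target(h)) for h in collector.hrefs
                         if remote_file_target(h)]
    return findings
```

Hosts returned by `scan_message` can be compared against the organisation's own file servers so that only links to external hosts are quarantined or reported.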


Version Affected                 Solution

Office 2016 (32-bit edition)     Upgrade to build number 16.0.5435.1001

Office 2016 (64-bit edition)     Upgrade to build number 16.0.5435.1001

For the other products affected, please refer to:
https://aka.ms/OfficeSecurityReleases

+-------------------------------------------------------------------- 

CVE-2024-21413 
Security Vulnerability 

Released: Feb 13, 2024 
Last updated: Feb 14, 2024 

Impact: Remote Code Execution 

Max Severity: Critical 

CVSS (v3.1) score:
- 9.8 (base metrics)
- 8.5 (temporal score metrics)


========================================================= 
+ CERT-RENATER | tel : 01-53-94-20-44 + 
+ 23/25 Rue Daviel | fax : 01-53-94-20-41 + 
+ 75013 Paris | email:cert@support.renater.fr + 
========================================================= 
