Risk Scores
EPSS Score
0.41%
61.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Excel 2016 | |
| Microsoft | Microsoft Skype for Business 2016 (32-bit) | |
| Microsoft | Microsoft Outlook 2016 | |
| Microsoft | Microsoft PowerPoint 2016 | |
| Microsoft | Microsoft Office LTSC 2021 | |
| Microsoft | Microsoft Office 2016 | |
| Microsoft | Microsoft Visio 2016 | |
| Microsoft | Microsoft Office 2019 | |
| Microsoft | Microsoft Skype for Business 2016 (64-bit) | |
| Microsoft | Microsoft 365 Apps | |
| Microsoft | Microsoft Word 2016 | |
| Microsoft | Microsoft Skype for Business Server 2019 CU7 | |
| Microsoft | Microsoft Teams for Android | |
| Microsoft | Microsoft Publisher 2016 |
Timeline
- Jul 2, 2021 PoC Published
- Feb 13, 2024 CVE Published
- Feb 14, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 7, 2024 EPSS Score
- May 30, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 22, 2024 EPSS Score
- Aug 18, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Nov 5, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0389.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0389 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/ advisory
- https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks/ exploit