Cybermalveillance.gouv.fr alerts users of Outlook, Microsoft’s messaging service, of a “critical security flaw”. Since February 26, the authorities have asked all people who use the service to “update the affected systems” to avoid a computer attack.
A critical flaw called CVE-2024-21413
Outlook
Outlook is a very comprehensive email client, email, task and schedule manager, which is part of the Microsoft 365 office suite.
-
Downloads:
702 -
Release date :
02/26/2024 -
Author :
Microsoft -
Licence :
Commercial license -
Categories:
Office automation – Communication
-
Operating system :
Android, Google Chrome Extension, Online Service, Windows 10/11, Windows 10/11, iOS iPhone / iPad / Apple Watch, macOS
This eleventh alert since the deployment of AlerteCyber in July 2021 explains that “cybercriminals could very soon exploit this vulnerability to carry out massive attacks against vulnerable systems”. This is the critical security flaw CVE-2024-21413 which exposes users to espionage, theft and even “destruction of data following remote control of the computers concerned”.
Outlook is not the only service affected by a breach, other Microsoft products being affected:
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft 365 Apps
If you connect to your Outlook email from your browser, you risk nothing. On the other hand, if you use an application, you will need to update it quickly to avoid computer attacks. Microsoft has already deployed a patch to address this vulnerability.
As BFM Tech & Co explains, it is mainly companies that could be targeted by hackers exploiting the CVE-2024-21413 flaw.