Windows Spoofing Vulnerability Affects Outlook Users
CVE-2024-20670

8.1HIGH

Key Information:

Vendor: Microsoft
Status: Outlook For Windows
Vendor: CVE Published:; 9 April 2024

Badges

📰 News Worthy

Summary

The Windows Spoofing Vulnerability, tagged as CVE-2024-20670, affects Outlook for Windows users. It is part of a record-breaking Patch Tuesday release from Microsoft, which includes fixes for 147 vulnerabilities. The impact and potential exploitation of this vulnerability are not specified, and there is no indication of any exploitation by ransomware groups.

Affected Version(s)

Outlook for Windows Unknown 1.0.0 < 1.2023.0322.0100

News Articles

Krebs on Security

CVE-2024-20670

Tag: CVE-2024-20670

Tag Archives: CVE-2024-20670 April’s Patch Tuesday Brings Record Number of Fixes If only Patch Tuesdays came around infrequently — like total solar...

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

📰
First article discovered by Krebs on Security
Apr 14, 2024
Vulnerability published
Apr 9, 2024
Vulnerability Reserved
Nov 28, 2023

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Tag: CVE-2024-20670

References

EPSS Score

CVSS V3.1

Timeline