CVE-2017-11774

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

  • OS
    Any OS
  • Version
    Any Version
  • Type
    Any Type

56 fixes found:

    Workaround

    Prevent Word from loading RTF files
    Published Date:Mar 14, 2017
    Updated Date:Mar 14, 2017

      Workaround

      Set Internet and Local intranet security zone settings to High to block ActiveX Controls and Active Scripting in these zones (Mitigation)
      Published Date:Mar 14, 2017
      Updated Date:Mar 14, 2017
      • Version Update

        Description of the security update for Outlook 2010: December 8, 2020
        Published Date:Dec 8, 2020
        Updated Date:Dec 8, 2020
        Source:Windows
        • Version Update

          Description of the security update for Outlook 2010: December 8, 2020
          Published Date:Dec 8, 2020
          Updated Date:Dec 8, 2020
          Source:Windows
          • Version Update

            Description of the security update for Outlook 2013: December 8, 2020
            Published Date:Dec 8, 2020
            Updated Date:Dec 8, 2020
            Source:Windows
            • Version Update

              Description of the security update for Outlook 2013: December 8, 2020
              Published Date:Dec 8, 2020
              Updated Date:Dec 8, 2020
              Source:Windows
              • Version Update

                Description of the security update for Outlook 2016: December 8, 2020
                Published Date:Dec 8, 2020
                Updated Date:Dec 8, 2020
                Source:Windows
                • Version Update

                  Description of the security update for Outlook 2016: December 8, 2020
                  Published Date:Dec 8, 2020
                  Updated Date:Dec 8, 2020
                  Source:Windows