CVE-2024-20670

Summary

CVE-2024-20670 is a newly disclosed vulnerability affecting Outlook for Windows. This issue permits an attacker to perform email spoofing, making it seem as if the deceptive email originated from a trusted source. The spoofer can manipulate the email address, making it appear as if the message came from a known contact, increasing the likelihood of the recipient opening the email and potentially falling for phishing attacks. The exact cause of the vulnerability is still under investigation, but Microsoft urges users to update their Outlook software as soon as possible to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.