Multiple vulnerabilities in Microsoft Apps

Description

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Skype for Consumer can be exploited remotely to execute arbitrary code.
2. An elevation of privilege vulnerability in Microsoft Intune Linux Agent can be exploited remotely to gain privileges.
3. An information disclosure vulnerability in Outlook for Android can be exploited remotely to obtain sensitive information.
4. An elevation of privilege vulnerability in Microsoft Authenticator can be exploited remotely to gain privileges.

Original advisories

• CVE-2024-21411

• CVE-2024-26201
• CVE-2024-26204
• CVE-2024-21390

Exploitation

Public exploits exist for this vulnerability.

Related products

• Microsoft-Outlook
• Skype-for-Windows

CVE list

• CVE-2024-21411
  critical
• CVE-2024-26201
  high
• CVE-2024-26204
  critical
• CVE-2024-21390
  high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com