Outlook is one of the most widely used email clients, along with Gmail, so even a small vulnerability can have dramatic consequences for many users.
Recently, Redmond confirmed that certain zero-day vulnerabilities affecting Windows users were being exploited, but a critical vulnerability rated 9.8 out of 10 on the vulnerability scale went unnoticed, and unfortunately it affects Outlook.
Although Microsoft has already published a patch for the CVE-2025-21298 vulnerability, it is likely that many users have not yet applied it, especially those who have paused automatic operating system updates.
The problem is that this vulnerability, with a severity of 9.8, makes use of freed memory (a use-after-free), corrupting valid data and facilitating the remote distribution of malware.
As they explain, this vulnerability affects the Windows Object Linking and Embedding (OLE) function, which basically allows you to embed documents and other objects, such as Excel charts, in a Word document.
Worst of all, users could be infected just by opening the email, without having to interact with the attached files.
The infection could even occur simply by previewing the email, which makes this especially important.
“Exploitation of the vulnerability could involve the victim opening a specially crafted email with an affected version of Microsoft Outlook software or the victim’s Outlook application displaying a preview of a specially crafted email. This could cause the attacker to execute remote code on the victim’s machine.”
That is why Redmond urges users to install the latest security updates, released a few days ago, on their Windows operating system.
If this is not done, simply opening an email could lead to arbitrary code execution that gives an attacker full control of the system, including installing malicious software or modifying or deleting data.
If for some reason the patch cannot be applied, they recommend restricting access to email or displaying it only as plain text so that the affected previews are not rendered.
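
As an added example (not from Microsoft or the original article), the PowerShell below audits and, if needed, enables Outlook's plain-text reading option for the current user. The registry path, the `16.0` Office version and the `ReadAsPlain` value name are assumptions not stated on this page; the same option is exposed in Outlook's Trust Center as "Read all standard mail in plain text".

```powershell
# Added example: audit and enforce plain-text reading in Outlook for the
# current user. Assumption: Outlook 2016/2019/365, which uses the 16.0 key.
$officeVersion = '16.0'   # assumption: change for older Outlook versions
$mailKey = "HKCU:\Software\Microsoft\Office\$officeVersion\Outlook\Options\Mail"
$valueName = 'ReadAsPlain'   # 1 = render standard mail as plain text

function Get-ReadAsPlain {
    param([string]$KeyPath, [string]$Name)
    # Returns the DWORD value, or $null if the key or value does not exist.
    $item = Get-ItemProperty -Path $KeyPath -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$Name
}

function Set-ReadAsPlain {
    param([string]$KeyPath, [string]$Name)
    # Create the key if Outlook has never written it, then set the value.
    if (-not (Test-Path -Path $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }
    New-ItemProperty -Path $KeyPath -Name $Name -PropertyType DWord -Value 1 -Force | Out-Null
}

$before = Get-ReadAsPlain -KeyPath $mailKey -Name $valueName
if ($before -eq 1) {
    Write-Output "Plain-text reading is already enabled for $env:USERNAME."
} else {
    Set-ReadAsPlain -KeyPath $mailKey -Name $valueName
    $after = Get-ReadAsPlain -KeyPath $mailKey -Name $valueName
    if ($after -eq 1) {
        Write-Output "Plain-text reading enabled. Restart Outlook for it to take effect."
    } else {
        Write-Warning "Could not set $valueName under $mailKey."
    }
}
```

The setting is per user, so it has to be applied in each user's profile, and it is a stopgap until the security update is installed.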