Click with Caution: The Moniker Link Vulnerability (CVE-2024-21413) Exposed | Threat Snapshot
Did you catch the Moniker Link vulnerability from Microsoft’s recent “Patch Tuesday“? It’s not often that a 9.8 CVSS remote code execution flaw is identified in one of Microsoft’s products. But does it live up to the hype? Tracked as CVE-2024-21413, this security flaw could lead to NTLM credential theft and potentially allow remote code execution through manipulated hyperlinks in Microsoft Outlook. The flaw underscores the risks associated with the Component Object Model (COM) in Windows and prompts a broader conversation on the security of software that utilizes COM APIs insecurely. In the latest Threat SnapShot, we’ll break down how the attack works and what artifacts it leaves behind, helping to create behavioral detections and hunting queries to protect your organization.
References:
-
-
5 months ago 00:01:00 1
5 months ago 00:08:31 1
5 months ago 00:08:23 1
5 months ago 00:05:17 1
5 months ago 00:16:47 1
5 months ago 00:08:44 1
5 months ago 00:04:23 1
5 months ago 00:00:07 1
5 months ago 00:13:22 1
5 months ago 00:02:42 1
5 months ago 00:00:54 1
5 months ago 00:00:10 1
5 months ago 00:06:17 1
5 months ago 00:04:06 1
5 months ago 00:24:51 1
5 months ago 00:41:09 1
5 months ago 00:01:00 1
5 months ago 00:19:21 1
5 months ago 00:04:59 1
5 months ago 00:03:50 1
5 months ago 01:19:54 1
5 months ago 00:03:56 1
5 months ago 00:03:01 1
5 months ago 00:09:35 1
