Microsoft Outlook Security Feature Bypass Vulnerability - CVE-2020-1229ID: oval:org.secpod.oval:def:63647 | Date: (C)2020-06-10 (M)2023-07-13 |
Class: VULNERABILITY | Family: windows |
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted system to the attacker. Exploitation of the vulnerability requires that a user open a specially crafted image with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted image to the user. The update addresses the vulnerability by changing how remote images are processed in Outlook.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Microsoft Office 2010 |
Microsoft Office 2013 |
Microsoft 365 Apps for Enterprise |
Microsoft Office 2016 |
Microsoft Office 2019 |
Microsoft Word 2010 |
Microsoft Word 2013 |
Microsoft Word 2016 |