VU#974272: Microsoft Outlook retrieves remote OLE content without prompting

Vulnerability Note VU#974272 Microsoft Outlook retrieves remote OLE content without prompting Original Release date: 10 Apr 2018 | Last revised: 10 Apr 2018 Overview When a Rich Text (RTF) email is previewed in Microsoft Outlook, remotely-hosted OLE content is retrieved without requiring any additional user interaction. This can leak private information including the user's password hash, which may be cracked by an attacker. Description Microsoft Outlook will automatically retrieve remote OLE content when an RTF email is previewed. When remote...