Rackspace Response to Microsoft February 2024 Patch Tuesday Vulnerability

On February 13th, 2024, Microsoft released patches for 73 vulnerabilities – the Microsoft Security Guide is available here. Rackspace Cyber Threat Intelligence engineers are highlighting one vulnerability, classified as Critical, as especially notable.  

 CVE-2024-21413 is a vulnerability within Microsoft Office Outlook Preview Pane and successful exploitation of this vulnerability could cause complete compromise of the device. This exploit bypasses Protected View, and simply previewing an email could lead to compromise. It does not require authentication, user interaction, and has a low attack complexity. The impacted software is Microsoft Office 2016, 2019, and Microsoft 365 Applications.   

Rackspace engineers have performed an initial assessment and strongly recommend that customers review the advisory and ensure appropriate Microsoft Office patches are installed.   

Our security teams are actively monitoring the situation and will provide any associated updates via this blog.   

Should you have any questions or require assistance in responding to these vulnerabilities, please contact a support Racker via https://www.rackspace.com/login.