Overview
Explore a detailed cybersecurity conference talk that delves into critical Outlook vulnerabilities, particularly focusing on CVE-2024-30103 and its implications for remote code execution. Learn how seemingly harmless empty emails can trigger RCE through invisible forms and COM objects, starting with CVE-2024-21378. Discover the evolution of multiple attack vectors in Microsoft Outlook, including vulnerabilities that can lead to NTLM leaks from domain-joined devices. Follow the speakers' journey through the attack surface timeline, understanding how these exploits developed and transformed over time. Gain valuable insights into practical defense strategies and specific recommendations for mitigating these security threats in your organization's email infrastructure.
Syllabus
DEF CON 32 - Outlook Unleashing RCE Chaos CVE 2024 30103 - Michael Gorelik, Arnold Osipov
Taught by
DEFCONConference