If you are concerned, you must act quickly.
The government site Cybermalveillance.gouv.fr triggered its “Cyber Alert” system this Monday concerning a “critical security flaw” in the Microsoft Outlook messaging service, recommending users to “update the affected systems” to limit the risks. of a cyber attack.
“A critical security flaw registered CVE-2024-21413 has been corrected in the Microsoft Outlook for Windows product,” indicates Cybermalveillance.gouv.com in a press release.
Affected systems are Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, and Microsoft 365 Apps.
The web messaging client is therefore not affected by the problem, communicates Microsoft.
Theft or destruction of data
What are the risks involved?
Although the flaw has been corrected, “cybercriminals could very soon exploit this vulnerability to carry out massive attacks against vulnerable systems,” specifies the specialized site.
Malicious actors would thus be likely to take remote control of the equipment of the people concerned.
And therefore to steal or destroy the personal data of these individuals.
If you are affected, it is strongly recommended to “apply the update” published by Microsoft as quickly as possible to the affected systems in order to correct this vulnerability and protect its exploitation, advises Cybermalveillance.gouv.fr.
Also read Operation Cronos: the masterstroke of the cyber police to take the LockBit 3 hackers offline
“Cyber Alert” is a system launched jointly by the National Information Systems Security Agency (ANSSI) and Cybermalveillance.gouv.com, aimed at encouraging “companies, communities and associations of all sizes” to “take the necessary measures to protect yourself” from cybercrime.
An alert of this type is extremely rare.
Since the tool was implemented in 2021, only eleven “Cyber Alerts” have been issued, including one involving Microsoft Outlook.