Headline
About Remote Code Execution – Windows OLE (CVE-2025-21298) vulnerability
About Remote Code Execution – Windows OLE (CVE-2025-21298) vulnerability. The vulnerability is from the January Microsoft Patch Tuesday. OLE (Object Linking and Embedding) is a technology for linking and embedding objects into other documents and objects, developed by Microsoft. A common use of this technology is embedding an Excel table in a Word document. What […]
About Remote Code Execution – Windows OLE (CVE-2025-21298) vulnerability. The vulnerability is from the January Microsoft Patch Tuesday. OLE (Object Linking and Embedding) is a technology for linking and embedding objects into other documents and objects, developed by Microsoft. A common use of this technology is embedding an Excel table in a Word document.
What is this vulnerability about? The attacker’s code executes when a specially crafted RTF document is opened or when a malicious email is opened or previewed in Microsoft Outlook. In the second case, no action is required from the victim other than clicking on the message. 🤷♂️ Microsoft recommends viewing messages in Outlook only in plain text.
On January 20, an exploit PoC appeared on GitHub that demonstrates Memory Corruption when opening an RTF document. Now we are waiting for an RCE exploit for Outlook. 😉
There have been no reports of attacks yet.
Fix this vulnerability ASAP!
На русском
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Related news
New episode “In the Trend of VM” (#12): 8 February CVEs & Why the Darknet Matters for VM Specialists. Now with a new design and new video editing. 😉 📹 Video on YouTube and LinkedIn🗞 Post on Habr (rus)🗒 Digest on the PT website Content: 🔻 00:00 Greetings 🔻 00:23 Remote Code Execution – Windows […]
January Microsoft Patch Tuesday. 170 CVEs, 10 of them were added since December MSPT. 3 exploited in the wild: 🔻 EoP – Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335). No details yet. No vulnerabilities have public exploits. 5 have private ones: 🔸 Security Feature Bypass – Microsoft Update Catalog (CVE-2024-49147), MapUrlToZone (CVE-2025-21268, CVE-2025-21189)🔸 […]
Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting.
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three "zero-day" weaknesses that are already under active attack. Redmond's inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.
Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 10 that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”