CVE-2025-21298: Windows OLE Remote Code Execution Vulnerability

Use Microsoft Outlook to reduce the risk of users opening RTF Files from unknown or untrusted sources

To help protect against this vulnerability, we recommend users read email messages in plain text format.

For guidance on how to configure Microsoft Outlook to read all standard mail in plain text, please refer to Read email messages in plain text.

Impact of workaround: Email messages that are viewed in plain text format will not contain pictures, specialized fonts, animations, or other rich content. In addition, the following behavior may be experienced:

• The changes are applied to the preview pane and to open messages.
• Pictures become attachments so that they are not lost.
• Because the message is still in Rich Text or HTML format in the store, the object model (custom code solutions) may behave unexpectedly.