Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/mttaggart/statuses/113828376648322367">Taggart :donor: (mttaggart@infosec.exchange)'s status on Wednesday, 15-Jan-2025 05:46:12 JST</a><a href="https://infosec.exchange/@mttaggart" title="mttaggart@infosec.exchange"><img src="https://gnusocial.jp/avatar/117593-48-20241114173111.webp" width="48" height="48" alt="Taggart :donor:" style="position: absolute; left: 0; top: 0;">Taggart :donor:</a></section><article><p>Well dang CVE-2025-21298</p><p>This bug rates a CVSS 9.8 and allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The specific flaw exists within the parsing of RTF files. </p><p><a href="https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review" rel="nofollow">https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4374912#notice-8556153">In conversation</a><time datetime="2025-01-15T05:46:12+09:00" title="Wednesday, 15-Jan-2025 05:46:12 JST">about 4 days ago</time> <span>from <span><a href="https://infosec.exchange/@mttaggart/113828376648322367" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@mttaggart/113828376648322367">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: images.squarespace-cdn.com</div><h5><a href="https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review">Zero Day Initiative — The January 2025 Security Update Review</a></h5><div> from <span>Dustin Childs</span></div></header><div>Welcome to the first Patch Tuesday of the new year. Even while preparing for  Pwn2Own Automotive , the second Tuesday still brings with it a bevy of security updates from Adobe and Microsoft. Take a break from avoiding your New Year’s resolutions and join us as we review the details of their latest</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Taggart :donor: (mttaggart@infosec.exchange)'s status on Wednesday, 15-Jan-2025 05:46:12 JST Taggart :donor:
Well dang CVE-2025-21298
This bug rates a CVSS 9.8 and allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The specific flaw exists within the parsing of RTF files.
https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review
In conversationabout 4 days ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: images.squarespace-cdn.com
  Zero Day Initiative — The January 2025 Security Update Review
  from Dustin Childs
  Welcome to the first Patch Tuesday of the new year. Even while preparing for Pwn2Own Automotive , the second Tuesday still brings with it a bevy of security updates from Adobe and Microsoft. Take a break from avoiding your New Year’s resolutions and join us as we review the details of their latest

Public

Embed Notice

HTML Code

Corresponding Notice