Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows OLE Remote Code Execution Vulnerability
Vulnerability
A remote code execution vulnerability has been identified in Windows OLE (Object Linking and Embedding) technology. This vulnerability allows an attacker to execute arbitrary code on the victim's machine. It is present in several versions of Windows Server and Windows 10, as well as in Windows 11 and Windows Server 2022. The vulnerability can be exploited by sending a specially crafted email that is opened or previewed in an affected version of Microsoft Outlook.
Impact
Exploitation of this vulnerability could lead to remote code execution on the affected system.
Remediation
Users can apply the security update KB5050009 to address this vulnerability. This update is available through the Microsoft Update Catalog. Additionally, users can configure Microsoft Outlook to read all email messages in plain text to reduce the risk of exploitation.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
4.4remediation
7.7relevance
0.0threat
1.5urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.