Executive Risk Summary
"The Microsoft Outlook Security Feature Bypass Vulnerability allows an attacker to execute arbitrary commands due to how Microsoft Office handles objects in memory. This vulnerability affects Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016."
Anticipated Attack Path
1. Phishing or social engineering to trick the user into opening a malicious email or attachment
2. Exploitation of the vulnerability to execute arbitrary commands
3. Potential lateral movement and further exploitation of the compromised system
Am I Vulnerable?
- Verify the version of Microsoft Outlook installed
- Check for any suspicious emails or attachments
- Monitor system logs for unusual activity
Operational Audit Arsenal
Target Type: Process
Target Asset: OUTLOOK.EXE
Standard Path: C:\Program Files\Microsoft Office\Root\Office16
PowerShell
# 🛠️ Senior Engineer Universal Audit
# Target: OUTLOOK.EXE (Process)
$Targets = 'OUTLOOK.EXE'
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")
Get-ChildItem -Path $SearchPaths -Include $Targets -Recurse -ErrorAction SilentlyContinue |
    Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}
Patch Impact Forecast
Reboot Required: Likely
Minimal to moderate disruption expected, depending on the system configuration and usage
Internal Work Notes
Microsoft Outlook Security Feature Bypass Vulnerability (CVE-2017-11774) - Apply latest security updates to prevent arbitrary command execution
Intelligence Sources
Official Advisory: http://www.securityfocus.com/bid/101098
Official Advisory: http://www.securitytracker.com/id/1039542
MSRC Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774
Official Advisory: https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/
Official Advisory: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-11774
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.