A critical Windows OLE RCE (CVE-2025-21298) allows attackers to execute arbitrary code by convincing a user to open a malicious RTF file in Outlook. Organizations should apply the January 2025 Patch Tuesday update immediately and consider enabling Protected View for Office documents as a compensating control.
Windows OLE Remote Code Execution Vulnerability allows attackers to execute arbitrary code via a specially crafted file sent through email or a link.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →