tryhackme

Moniker Link (CVE-2024-21413)

CVE-2024-21413 is a critical vulnerability in Microsoft Outlook that exploits improper handling of specially crafted hyperlinks known as Moniker Links. An attacker can embed a malicious link in an email that bypasses Outlook security features such as Protected View. When processed, it may trigger outbound connections, leading to NTLM credential leakage and potentially remote code execution, often with little or no user interaction.