A critical Windows OLE RCE (CVE-2025-21298) allows attackers to execute arbitrary code by convincing a user to open a malicious RTF file in Outlook. Organizations should apply the January 2025 Patch Tuesday update immediately and consider enabling Protected View for Office documents as a compensating control.
Windows OLE Remote Code Execution Vulnerability allows attackers to execute arbitrary code via a specially crafted file sent through email or a link.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →