CVE-2022-23280: Microsoft Outlook for Mac Security Feature Bypass Vulnerability

Overview

Severity: Medium (CVSS 5.3)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Category: Security Feature Bypass
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2022-Feb
Released: 2022-02-08
Last Updated: 2022-02-09
EPSS Score: 3.19% (percentile: 87.0%)

FAQ

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

The attacker would be able to bypass the protection in Outlook that prevents an image from being shown automatically in an email. Depending on the user's settings, the user would normally need to choose to download images for display. If an attacker successfully exploited this vulnerability, it could expose the target's IP information.

How do I get the update for Outlook for Mac?

  • Tap the Settings icon.
  • Tap iTunes & App Store.
  • Turn on AUTOMATIC DOWNLOADS for Apps.

Alternatively:

  • Tap the App Store icon.
  • Scroll down to find Microsoft Outlook.
  • Tap the Update button.

If the preview pane is an attack vector, why is the severity for this vulnerability Important and not Critical?

Even though the preview pane is an attack vector, the attacker cannot achieve remote code execution if they successfully exploit the vulnerability, but can only gain information from the victim.

Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.

Affected Products (1)

Microsoft Office

  • Microsoft Outlook 2016 for Mac

Acknowledgments

Ronnie Salomonsen (https://twitter.com/r0ns3n) with Mandiant (https://www.mandiant.com/)

Revision History

  • 2022-02-08: Information published.
  • 2022-02-09: Updated acknowledgment. This is an informational change only.