CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability - Severity 9.8

There is a new critical CVE for Microsoft Outlook: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413)

Is this another case of CVE-2023-23397 of last year where there is a critical need to patch?

So far the attack description seems pretty vague, and there is not much more info about it. It does mention it can "lead to the leakage of local NTLM credential information", which seems pretty critical but its still hard to say without at least a proof-of-concept. Thoughts?

​

attack can case credential critical cve cve-2023-23397 cybersecurity far hard info information local ntlm patch