A significant security vulnerability has been detected in Microsoft messaging. Without even opening a message, your PC may find itself infected with vicious malware if you do not install the latest patch from the American firm.
During its first Patch Tuesday of 2025, published on Tuesday January 14, Microsoft corrected a very large number of flaws in its software, from Windows to Office including associated apps. In total, 159 security patches have been deployed. Which makes this Patch Tuesday the most important patch made to Microsoft services since 2017.
Among the flaws detected, three were exploited by hackers. One of them caught the attention of Microsoft because it primarily targeted Outlook users. A flaw which has since been corrected and which prevents millions of users from having their PCs hacked.
Outlook vulnerability: a simple preview is enough to infect a PC
More precisely, the flaw concerned is referenced CVE-2025-21298. If its technical nature is quite complex, as always, its consequences turn out to be as simple as they are dangerous. Indeed, by exploiting it, attackers can very easily infect a PC using a simple corrupted email. The trick is that you don’t even need to open the infected message in Outlook: a simple preview displayed in the email is enough to execute the malicious code and contaminate the PC!
And to make everything better, the CVE-2025-21298 flaw concerns several versions of Windows, namely Windows 10, 11 and Windows Server 2008 (R2), 2012, 2016, 2019, 2022 and 2025. That is, several tens of millions of users. of PC!
Fortunately, Microsoft quickly found a solution by closing the flaw using a patch distributed in January’s Patch Tuesday. It is therefore essential to install it as quickly as possible on your PC, by going to Windows Update as always. If you haven’t done so yet, be wary using Outlook, especially if message preview is enabled. Microsoft therefore recommends opening emails from unknown senders in plain text mode. A solution which causes some restrictions in the display of messages, and in particular the layout, but which leaves the PC safe from unexpected hacking.