Blog Security Research CreateRCE — Yet Another Vulnerability in CreateUri Ben Barnea is a Security Researcher at Akamai with interest and experience in conducting low-level security research and vulnerability research across various architectures, including Windows, Linux, IoT, and mobile. He enjoys learning how complex mechanisms work and, more important, how they fail. Akamai researcher Ben Barnea found a critical vulnerability in Microsoft Windows, which was assigned CVE-2023-35628. Executive summary \r\n Akamai researcher Ben Barnea found a critical vulnerability in Microsoft Windows, which was assigned CVE-2023-35628 . \r\n \r\n An attacker on the internet can trigger the vulnerability against Outlook clients without any user interaction (zero-click) . \r\n \r\n The vulnerability lies in the parsing of a path by the CreateUri function.…