Critical Microsoft Outlook bug PoC shows how easy it is to exploit

vtqhtr413

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,485
Microsoft yesterday released a patch for the security flaw but it has been exploited as a zero-day vulnerability in NTLM-relay attacks since at least mid-April 2022.The issue is a privilege escalation vulnerability with a 9.8 severity rating that affects all versions of Microsoft Outlook on Windows. An attacker can use it to steal NTLM credentials by simply sending the target a malicious email. No user interaction is needed as exploitation occurs when Outlook is open and the remainder is triggered on the system.
Click to expand...
www.bleepingcomputer.com

Critical Microsoft Outlook bug PoC shows how easy it is to exploit

Security researchers have shared technical details for exploiting a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely steal hashed passwords by simply receiving an email.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
  • Wow
Reactions: silversurfer, Gandalf_The_Grey, MuzzMelbourne and 2 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,409
It is crucial to apply the recently-released patch for the Microsoft Outlook vulnerability, as it has been exploited as a zero-day vulnerability since mid-April. Attackers can steal NTLM credentials by sending a malicious email, and no user interaction is needed. This vulnerability affects all versions of Microsoft Outlook on Windows and has a high severity rating of 9.8.
 
  • Like
Reactions: Gandalf_The_Grey

Similar threads

CyberTech
    • +Reputation
Security News Veeam warns of critical bugs in Veeam ONE monitoring platform
Replies
0
Views
1,076
Security News
CyberTech
CyberTech
Gandalf_The_Grey
    • Like
    • +Reputation
Security News December Android updates fix critical zero-click RCE flaw
Replies
0
Views
1,319
Security News
Gandalf_The_Grey
Gandalf_The_Grey
F
    • Like
    • +Reputation
Security News Windows Kernel bug fixed last month exploited as zero-day since August
Replies
0
Views
1,060
Security News
Freki123
F

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top