Critical Microsoft Outlook bug PoC shows how easy it is to exploit

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,418
Microsoft yesterday released a patch for the security flaw but it has been exploited as a zero-day vulnerability in NTLM-relay attacks since at least mid-April 2022.The issue is a privilege escalation vulnerability with a 9.8 severity rating that affects all versions of Microsoft Outlook on Windows. An attacker can use it to steal NTLM credentials by simply sending the target a malicious email. No user interaction is needed as exploitation occurs when Outlook is open and the remainder is triggered on the system.
 

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,145
It is crucial to apply the recently-released patch for the Microsoft Outlook vulnerability, as it has been exploited as a zero-day vulnerability since mid-April. Attackers can steal NTLM credentials by sending a malicious email, and no user interaction is needed. This vulnerability affects all versions of Microsoft Outlook on Windows and has a high severity rating of 9.8.
 
  • Like
Reactions: Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top