Security News > 2023 > March > Microsoft fixes Outlook zero-day used by Russian hackers since April 2022
Microsoft has patched an Outlook zero-day vulnerability exploited by a hacking group linked to Russia's military intelligence service GRU to target European organizations.
Microsoft shared this info in a private threat analytics report seen by BleepingComputer and available to customers with Microsoft 365 Defender, Microsoft Defender for Business, or Microsoft Defender for Endpoint Plan 2 subscriptions.
CVE-2023-23397 impacts all supported versions of Microsoft Outlook for Windows but doesn't affect Outlook for Android, iOS, or macOS versions.
Since online services like Outlook on the web and Microsoft 365 do not support NTLM authentication, they are not vulnerable to attacks exploiting this NTLM relay vulnerability.
Microsoft fixes Windows zero-day exploited in ransomware attacks.
Outlook for Mac now free, Microsoft 365 subscription not needed.
News URL
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- After Chrome patches zero-day used to target Russians, Firefox splats similar bug (source)
- Microsoft fixes button that restores classic Outlook client (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-14 | CVE-2023-23397 | Authentication Bypass by Capture-replay vulnerability in Microsoft products Microsoft Outlook Elevation of Privilege Vulnerability | 9.8 |