Security News > 2023 > March > Microsoft shares tips on detecting Outlook zero-day exploitation
Microsoft today published a detailed guide aiming to help customers discover signs of compromise via exploitation of a recently patched Outlook zero-day vulnerability.
Microsoft also shared guidance on how to block future attacks targeting this vulnerability, urging organizations to install the recently released Outlook security update.
"To address this vulnerability, you must install the Outlook security update, regardless of where your mail is hosted or your organization's support for NTLM authentication," the Microsoft Incident Response team said.
"While leveraging NTLMv2 hashes to gain unauthorized access to resources is not a new technique, the exploitation of CVE-2023-23397 is novel and stealthy," the Microsoft Incident Response team added.
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022.
Outlook for Mac now free, Microsoft 365 subscription not needed.
News URL
Related news
- Microsoft fixes Outlook email sending issue for users with many folders (source)
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Microsoft Outlook bug blocks email logins, causes app crashes (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- Microsoft Outlook workaround fixes freezes when copying text (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-14 | CVE-2023-23397 | Authentication Bypass by Capture-replay vulnerability in Microsoft products Microsoft Outlook Elevation of Privilege Vulnerability | 9.8 |