Security News > 2024 > January > Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
2024-01-29 13:31
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the
News URL
https://thehackernews.com/2024/01/researchers-uncover-outlook.html
Related news
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-35636 | Unspecified vulnerability in Microsoft products Microsoft Outlook Information Disclosure Vulnerability | 0.0 |