Security News > 2024 > January > Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
2024-01-29 13:31
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the
News URL
https://thehackernews.com/2024/01/researchers-uncover-outlook.html
Related news
- Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover (source)
- GhostRace – New Data Leak Vulnerability Affects Modern CPUs (source)
- Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) (source)
- Hardware-level Apple Silicon vulnerability can leak cryptographic keys (source)
- New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys (source)
- New GoFetch Vulnerability in Apple’s M Chips Allows Secret Keys Leak on Compromised Computers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-35636 | Unspecified vulnerability in Microsoft products Microsoft Outlook Information Disclosure Vulnerability | 6.5 |