Security News > 2024 > April > Microsoft fixes Outlook security alerts bug caused by December updates
![Microsoft fixes Outlook security alerts bug caused by December updates](/static/build/img/news/microsoft-fixes-outlook-security-alerts-bug-caused-by-december-updates-medium.jpg)
Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening.
ICS calendar files after installing the December 2023 Outlook Desktop security updates.
The December Patch Tuesday security updates behind these inaccurate warnings patch the CVE-2023-35636 Microsoft Outlook information disclosure vulnerability, which attackers can exploit to steal NTLM hashes via maliciously crafted files.
Microsoft has now found a fix for this issue and is shipping it with Outlook for Microsoft 365 Version 2404 Build 17531.
Microsoft Outlook December updates trigger ICS security alerts.
Microsoft fixes Outlook clients not syncing over Exchange ActiveSync.
News URL
Related news
- Microsoft: New Outlook security changes coming to personal accounts (source)
- Microsoft finally fixes Outlook alerts bug caused by December updates (source)
- Azure Service Tags tagged as security risk, Microsoft disagrees (source)
- Microsoft shows venerable and vulnerable NTLM security protocol the door (source)
- Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) (source)
- Microsoft delays Windows Recall amid privacy and security concerns (source)
- Microsoft Delays AI-Powered Recall Feature for Copilot+ PCs Amid Security Concerns (source)
- Microsoft delays Windows Recall rollout, more security testing needed (source)
- Microsoft answered Congress' questions on security. Now the White House needs to act (source)
- Microsoft Photos update brings requested features to Windows 11 (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-12 | CVE-2023-35636 | Unspecified vulnerability in Microsoft products Microsoft Outlook Information Disclosure Vulnerability | 6.5 |