DESCRIPTION:
An elevation of privilege, high-risk vulnerability (CVE-2023-23397) exists in Microsoft Outlook. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak.
AFFECTED RELEASES:
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1(32-bit editions)
Microsoft Outlook 2013 Service Pack 1(64-bit editions)
Microsoft Outlook 2016(32-bit edition)
Microsoft Outlook 2016(64-bit edition)
SOLUTION:
1. Microsoft has released an update for the vulnerability. Users and system administrators are advised to apply the security updates by the following link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397
REFERENCE:
1. https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
3. https://www.xmcyber.com/blog/cve-2023-23397-outlook-vulnerability/
4. https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10386
5. https://www.ithome.com.tw/news/155952