Microsoft Announces New Critical Outlook Vulnerabilities
Microsoft announced a new Critical (9.8 out of 10) vulnerability in Outlook. The vulnerability lies in the way Outlook handles calendar reminders and affects every desktop installation of Outlook on a Windows PC. Other versions of Microsoft Outlook (Android, iOS, Mac, Outlook on the web) and other M365 services are not affected.
Microsoft has released a patch for this vulnerability. Updating your Office suite is critical to ensuring that you are protected against it.
Below you will find more information about the threat, how to protect yourself, and what we’re doing to keep you safe.
What is the vulnerability and why is it so severe?
It impacts any desktop installation of Outlook on a Windows PC
It requires no user interaction to exploit (the message does not even need to be opened in Message Preview), and a successful attack can give the attacker lateral access to other resources
Exploitation has been found going back as far as December
What can I do to remediate this risk?
Please refer to the CVE-2023-23397 Outlook updates page to address this vulnerability, read the FAQs, and find additional mitigation details.
To address this vulnerability, you must install the Outlook security update, regardless of where your mail is hosted (e.g., Exchange Online, Exchange Server, or another platform) or whether your organization supports NTLM authentication.
To help you determine if your organization was targeted or compromised by threat actors exploiting this vulnerability, Microsoft Incident Response has published a guide for investigating attacks that use CVE-2023-23397 at Guidance for investigating attacks using CVE-2023-23397 – Microsoft Security Blog.
What does Catalyst IT do to help protect businesses they serve?
Using our version of Windows Update Manager, as part of our Managed IT Services, allows us to actively push updates to your PCs. Catalyst IT is also running scripts in the back end to force Office to update as soon as possible. Please follow the instructions in the guide you will receive, and restart your computer at the end of each business day so that the update is applied as soon as possible. If you have any non-managed computers, you will need to update them manually using those instructions.
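The version check and forced Office update described above, as an added PowerShell example that is neither Catalyst IT's back-end script nor Microsoft's: it reads the installed Click-to-Run Office build from the registry, compares it against a minimum patched build that you supply from Microsoft's CVE-2023-23397 update guidance (the script itself carries only a placeholder for that number), and can optionally invoke the Click-to-Run updater. Run it in an elevated PowerShell session on the affected Windows PC; MSI-based Office installs do not have the Click-to-Run registry key and are reported as such.

```powershell
# Added example (not Catalyst IT's or Microsoft's script): report the installed
# Click-to-Run Office build and optionally trigger an update so the Outlook
# security update for CVE-2023-23397 gets applied.
# The minimum patched build is NOT known to this script: pass -MinimumBuild with
# the build listed in Microsoft's CVE-2023-23397 update guidance for your channel.

param(
    [version]$MinimumBuild = "0.0.0.0",   # placeholder; replace with the build from the CVE page
    [switch]$TriggerUpdate
)

$c2rKey = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
if (-not (Test-Path $c2rKey)) {
    Write-Warning "No Click-to-Run Office configuration found; this may be an MSI install. Check the Outlook build under File > Office Account instead."
    return
}

# VersionToReport holds the build (e.g. 16.0.x.y); CDNBaseUrl identifies the update channel.
$cfg       = Get-ItemProperty -Path $c2rKey
$installed = [version]$cfg.VersionToReport
$channel   = $cfg.CDNBaseUrl
Write-Output ("Installed Office build: {0}  (channel URL: {1})" -f $installed, $channel)

if ($MinimumBuild -eq [version]"0.0.0.0") {
    Write-Warning "MinimumBuild not set; cannot tell whether the CVE-2023-23397 update is present."
} elseif ($installed -ge $MinimumBuild) {
    Write-Output "Build is at or above $MinimumBuild: the Outlook security update appears to be installed."
} else {
    Write-Output "Build is below $MinimumBuild: the Outlook security update is MISSING."
}

if ($TriggerUpdate) {
    $client = Join-Path ${env:ProgramFiles} 'Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe'
    if (Test-Path $client) {
        # '/update user' is the Click-to-Run updater switch; it downloads and applies
        # the latest build for the configured channel. displaylevel=false hides the UI.
        Start-Process -FilePath $client -ArgumentList '/update', 'user', 'displaylevel=false' -Wait
        Write-Output "Click-to-Run update requested; restart Outlook (or the PC) to finish applying it."
    } else {
        Write-Warning "OfficeC2RClient.exe not found at $client"
    }
}
```

Usage: `.\Check-OutlookUpdate.ps1 -MinimumBuild <build from the CVE-2023-23397 page>` reports only; add `-TriggerUpdate` to also start the Click-to-Run updater. A managed fleet would run the report-only form centrally and treat any "MISSING" result as an endpoint to chase before the end-of-day restart.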
What are the next steps?
If you’re a client of Catalyst IT, please know we are actively monitoring your business environment 24/7/365 looking for abnormal behavior and working diligently to protect you against attacks. If you have questions on this or any IT Management related issues, please feel free to contact us or call 877-843-9611.