Microsoft Outlook new e-mail exploit

Share This Post

We are contacting you about a recently published and critical security vulnerability (CVSS 9.8 – CVE-2023-23397). This zero-day vulnerability affects Microsoft Outlook. Please note that this vulnerability does not affect Outlook for MacOS/iOS or Android. Only Windows users are affected.

What is this all about?

This vulnerability allows the attacker to steal a user’s credentials by sending a malicious email to the victim. It get even worse because processing the e-mail by Outlook is enough, so you don’t need to open the mail. This is called a no-user-interaction required exploit.

This is also confirmed by Microsoft and a patch is already out!

How do I update / patch my Outlook?

Follow this steps to update the Outlook client.

  1. Go to Outlook click on File > Office Account > About Outlook
    The version must be higher than 2301.

If the version is not higher than 2301 then update the Office Outlook client, follow the steps to update it.

  1. Go to Outlook click on File > Office Account > Update options
    The installation will start automatically and update the outlook client, in the meantime you can keep on working.


More To Explore

Exploring SELinux security Policies (Intro)

In the ever-evolving landscape of cybersecurity, safeguarding sensitive data and ensuring the integrity of systems has become the highest priority. One powerful tool in the

Odoo officiële partner

Jerbaco heeft het doel om hun klanten ten volle te ondersteunen en te ontzorgen.Voornamelijk op het gebied van technologie zijn ze een innovatieve partner voor