Close this search box.

Microsoft Outlook new e-mail exploit

Share This Post

We are contacting you about a recently published and critical security vulnerability (CVSS 9.8 – CVE-2023-23397). This zero-day vulnerability affects Microsoft Outlook. Please note that this vulnerability does not affect Outlook for MacOS/iOS or Android. Only Windows users are affected.

What is this all about?

This vulnerability allows the attacker to steal a user’s credentials by sending a malicious email to the victim. It get even worse because processing the e-mail by Outlook is enough, so you don’t need to open the mail. This is called a no-user-interaction required exploit.

This is also confirmed by Microsoft and a patch is already out!

How do I update / patch my Outlook?

Follow this steps to update the Outlook client.

  1. Go to Outlook click on File > Office Account > About Outlook
    The version must be higher than 2301.

If the version is not higher than 2301 then update the Office Outlook client, follow the steps to update it.

  1. Go to Outlook click on File > Office Account > Update options
    The installation will start automatically and update the outlook client, in the meantime you can keep on working.


More To Explore

Azure Kubernetes security common misconceptions

Azure Kubernetes Service (AKS) has emerged as a leading platform for container orchestration, offering scalability (with Keda), flexibility, and an easy management panel. However, like