Mandiant reported a Critical vulnerability in Microsoft Outlook.  This vulnerability requires no user interaction and for which proof of concept exploits are now widely available. There is a possibility of privilege escalation with no user interaction or privileges required for exploitation. Following exploitation an attacker could authenticate to multiple services and move laterally. Exploitation of the zero-day is trivial, and it will likely be leveraged imminently by actors for espionage purposes or financial gain.

For a complete description of the vulnerabilities and affected systems go to CVE-2023-23397 Detail.

IT Security

Read more about IT Security service offerings.