You definitely want to update Microsoft Office.
MDSec beat me to it on CVE-2023-23397, it's supppper easy to exploit + works with remote images disabled - turns out the spec (which is open) has a function to specify a sound when an Outlook email arrives - which loads via UNC and sends NTLM password hash for AD account to internet = no click cred theft, PoC in wild.
#CVE202323397 mdsec.co.uk/2023/03/exploiting…
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability - MDSec
Date: 14th March 2023 Today saw Microsoft patch an interesting vulnerability in Microsoft Outlook. The vulnerability is described as follows: Microsoft Office Outlook contains a privilege escalation vulnerability that allows...Admin (MDSec)