Microsoft Outlook Vulnerability
Microsoft has released a recent advisory regarding a critical security vulnerability affecting Windows systems (Servers and Endpoints) using Microsoft Outlook CVE-2023-23397.
Microsoft has issued a recent advisory regarding a critical security vulnerability affecting Windows systems (Servers and Endpoints) using Microsoft Outlook CVE-2023-23397.
This CRITICAL Vulnerability allows Cyber Criminals to steal credentials of Microsoft Outlook users with minimal complexity or effort. This vulnerability can be exploited by sending an email to a target user but does not require that user to open the email. It poses a dire threat to vulnerable organizations, as Cyber Criminals can repeatedly execute this attack and commandeer user accounts while the user is completely unaware.
Impact to Services
All customers with supported versions of Microsoft Outlook application for Windows are affected. Outlook for Mac, iOS or Android, or Outlook on the web are not affected.
To protect your organization, Microsoft and BOXX Hackbusters recommends that all organizations install the latest security patch for Microsoft Outlook immediately. To do this yourself you should do the following:
- Open Outlook
- Click on the File menu
- Click on Office Account (some older versions may just say Account)
- Click on Update Options
- Select Update Now
If your organization usually manages updates, please verify with your IT Service Desk and ensure that they update all impacted systems.
5 crisis communications tips that work
Those that have been confronted with this reality realize that responding to a cyber attack is very different from other types of corporate crisis – strong and clear communication from the front line becomes vital.
Reducing the risk of RDP brute force attacks
RDP brute force attacks are commonly used by hackers targeting remote working employees, and this new control will make brute forcing much harder.
Sign up for the BOXX Insurance Newsletter
Get the latest updates about Cyber Insurance and Protection with our newsletter.