Latest Alerts

Microsoft Outlook Vulnerability

Microsoft has released a recent advisory regarding a critical security vulnerability affecting Windows systems (Servers and Endpoints) using Microsoft Outlook CVE-2023-23397.

Laptop that is undergoing an error

Summary

Microsoft has issued a recent advisory regarding a critical security vulnerability affecting Windows systems (Servers and Endpoints) using Microsoft Outlook CVE-2023-23397.

This CRITICAL Vulnerability allows Cyber Criminals to steal credentials of Microsoft Outlook users with minimal complexity or effort. This vulnerability can be exploited by sending an email to a target user but does not require that user to open the email. It poses a dire threat to vulnerable organizations, as Cyber Criminals can repeatedly execute this attack and commandeer user accounts while the user is completely unaware.

 

Impact to Services

All customers with supported versions of Microsoft Outlook application for Windows are affected. Outlook for Mac, iOS or Android, or Outlook on the web are not affected.

 

Actions

To protect your organization, Microsoft and BOXX Hackbusters recommends that all organizations install the latest security patch for Microsoft Outlook immediately. To do this yourself you should do the following:

  • Open Outlook
  • Click on the File menu
  • Click on Office Account (some older versions may just say Account)
  • Click on Update Options
  • Select Update Now

If your organization usually manages updates, please verify with your IT Service Desk and ensure that they update all impacted systems.

Related Posts

Cyber Tips 5 crisis communications tips that work

5 crisis communications tips that work

Those that have been confronted with this reality realize that responding to a cyber attack is very different from other types of corporate crisis – strong and clear communication from the front line becomes vital.

02/03/2022
Cyber Tips Reducing the risk of RDP brute force attacks

Reducing the risk of RDP brute force attacks

RDP brute force attacks are commonly used by hackers targeting remote working employees, and this new control will make brute forcing much harder.

18/08/2022

Sign up for the BOXX Insurance Newsletter

Get the latest updates about Cyber Insurance and Protection with our newsletter.