![]() ![]() ![]() On March 14, Microsoft published a blog post regarding the discovery of this vulnerability. The discovery of this vulnerability is credited to the Computer Emergency Response Team of Ukraine (CERT-UA) and Microsoft research teams. Microsoft notes that this exploitation can occur before the email is viewed in the Preview Pane, meaning no interaction from the victim recipient is needed for a successful attack. The attacker can use this hash to authenticate as the victim recipient in an NTLM relay attack. When the email is processed by the server, a connection to an attacker-controlled device can be established in order to leak the Net-NTLMv2 hash of the email recipient. The vulnerability can be exploited by sending a malicious email to a vulnerable version of Outlook. ![]() Remote code execution (RCE) vulnerabilities accounted for 32.9% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 26.3%.ĬVE-2023-23397 is an elevation of privilege vulnerability in Microsoft Outlook that was assigned a CVSSv3 score of 9.8 and was exploited in the wild. Windows Point-to-Point Protocol over Ethernet (PPPoE).Windows Internet Key Exchange (IKE) Protocol.Remote Access Service Point-to-Point Tunneling Protocol.Internet Control Message Protocol (ICMP).Client Server Run-time Subsystem (CSRSS).This month’s update includes patches for: This CVE count includes two CVEs (CVE-2023-1017 and CVE-2023-1018) in the third party Trusted Platform Module (TPM2.0) Library. ![]() Microsoft patched 76 CVEs in its March 2023 Patch Tuesday Release, with nine rated as critical, 66 rated as important and one rated as moderate. Update March 16: The blog has been updated to include additional information on CVE-2023-23397, including a link to a detailed writeup on the ease of exploitation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |