Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM
Among the latest set of patches released by Microsoft, a fix for CVE-2023-23397 is available to fix an NTLM vulnerability in Outlook for Windows clients. The update closes a hole where attackers can use specially formatted messages to force NTLM credentials to be sent outside the organization.
March 15, 2023