External attackers can create specially crafted emails that will cause a connection from the victim to an external UNC location of attackers' control. Two of the releases address known Zero Days in Microsoft Office (CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability) and Windows Operating Systems (CVE-2023-24880 - Windows SmartScreen Security Feature Bypass Vulnerability) which is related to last year's December's 2022 Patch Tuesday advisory for CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability).ĬVE-2023-23397 was observed being exploited in the wild by APT28/Fancy Bear attributed to the GRU which is an arm of the Russian government.ĬVE-2023-23397 - is an Elevation of Privilege vulnerability (EoP) in Microsoft Outlook where an attacker that successfully exploits this vulnerability can access a user's Net-NTLMv2 hash that could be used for an NTLM relay attack against another service to authenticate as the user. Today - March 14, 2023, Microsoft released 80 security updates for this month's Patch Tuesday release. IPS signature for CVE-2023-23397 (MS.Privilege) added to "What is the Status of Coverage?" section.
0 kommentar(er)
