CVE-2023-23397 is a security vulnerability in Microsoft Outlook, which could expose sensitive user information and allow threat actors to exploit network resources. In this blog post, we’ll discuss the vulnerability, its potential impact, and the steps you can take to safeguard your Outlook account.
Understanding CVE-2023-23397
CVE-2023-23397 is an identified vulnerability in the way Microsoft Outlook handles received messages that contain a note object with a reminder. Microsoft Outlook automatically processes those messages in the background, on receipt. Using this vulnerability, it is possible for a threat actor to:
- send a specially-created note to an Outlook user
- have the note be received by Microsoft Outlook
- have Microsoft Outlook process the note reminder in the background
- and then have Microsoft Outlook reach out to an arbitrary Internet address of the threat actor’s choice
As part of that process, Microsoft Outlook exposes the user’s network account name, and privileged information about the user’s network account current authentication. A threat actor could then use that exposed information to attempt to exploit other network resources in the user’s network that the threat actor can contact. In response to this issue, Microsoft released an update on March 14, 2023, to prevent Outlook from exposing user details to internet sources.
How to Mitigate the Vulnerability
- Use Microsoft 365 multi-factor authentication: This can prevent threat actors from easily using compromised authentication information.
- Keep Microsoft 365 Apps up to date: If you have a Microsoft 365 Business Premium or higher subscription, your apps will automatically update, ensuring protection against CVE-2023-23397.
- Verify your Microsoft 365 Apps version: To check if your app is up to date, open any Microsoft app, click “File,” then “Office Account.” The version number should be 16130.20306 (released March 14, 2023) or higher.
What If You’re Not a Microsoft 365 Apps Subscriber?
We recommend subscribing to Microsoft 365 Business Premium or higher to receive automatic updates for your Microsoft application suite. If you’re using a standalone or older version of Microsoft Office, you’ll need to manually install the Microsoft patches for Outlook, available here.
By taking the necessary steps to safeguard your Microsoft Outlook account, you can protect sensitive user information and prevent unauthorized access to network resources. Keep your software up to date and utilize multi-factor authentication to stay secure against the CVE-2023-23397 vulnerability.