If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)

Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

MS Outlook security problem 2023 - critical

smuggler.ie · 2023-03-16 21:12:33

Mods , feel free to move to appropriate forum if needed Not certain if it was announced to general public/private users yet, it was for MS partners, so... here you go: An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack…

16-03-2023 9:12pm

#1

smuggler.ie

Registered Users, Registered Users 2 Posts: 4,256 ✭✭✭

Join Date: October 2015

Posts: 4205

Mods , feel free to move to appropriate forum if needed

Not certain if it was announced to general public/private users yet, it was for MS partners, so... here you go:
An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.
External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers' control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
Users urged to update MS office

0