Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026

MS Outlook security problem 2023 - critical

  • 16-03-2023 09:12PM
    #1
    smuggler.ie
    Registered Users, Registered Users 2 Posts: 4,456 ✭✭✭


    Mods , feel free to move to appropriate forum if needed



    Not certain if it was announced to general public/private users yet, it was for MS partners, so... here you go:

    An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.

    External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers' control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim.

    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397

    Users urged to update MS office

    history of boards 2021




Advertisement