Please share the following with your technical teams.
Information Security is tracking a Microsoft Outlook zero-day vulnerability that is being exploited in the wild (CVE-2023-23397). It allows a remote attacker to capture a user's Net-NTLMv2 hash (the NTLM challenge-response credential, not the plaintext password) without any user interaction.
Severity level
CVSS Score: 9.8 / Critical
Description
An attacker sends a specially crafted message or calendar item whose reminder references a file on an attacker-controlled server via a UNC path. When the reminder fires, Outlook connects to that server and performs NTLM authentication, exposing the user's Net-NTLMv2 hash. The hash can then be relayed in an NTLM relay attack against another service to authenticate as the user. No user interaction is needed: exploitation occurs as soon as Outlook is open and the reminder is triggered on the system.
Affected Versions
All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook, including Android, iOS, Mac, and Outlook on the web, as well as other M365 services, are not affected.
Impact
An attacker can relay the captured Net-NTLMv2 hash to other services that accept NTLM authentication and act as the user on those services.
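The observable side effect of the exploitation path described above is outlook.exe initiating an outbound SMB connection (TCP 445 or 139) to an address outside the organisation when a reminder fires. The following is an added example, not part of the original bulletin or Microsoft's guidance, showing detection logic that flags exactly that pattern in network-connection telemetry. The log records are constructed here in a Sysmon Event ID 3 (NetworkConnect) style; the field names and all IP addresses are assumptions for illustration, not real captures.

```python
"""Flag Outlook processes making outbound SMB connections to non-private addresses.

Added example for CVE-2023-23397 detection, not code from the original bulletin.
Input: JSON lines in a Sysmon Event ID 3 (NetworkConnect) style. Field names
(EventID, Image, Protocol, Initiated, DestinationIp, DestinationPort, UtcTime)
are assumptions about the telemetry format, not taken from a real capture.
"""
import ipaddress
import json

# Ports on which Windows performs SMB and, with it, NTLM authentication.
SMB_PORTS = {445, 139}

# Constructed sample telemetry (not real data). Raw strings keep the JSON
# backslash escapes intact for the Windows paths.
SAMPLE_EVENTS = [
    # Outlook talking to an internal file server: expected, benign.
    r'{"EventID": 3, "UtcTime": "2023-03-15 09:00:01.000", "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE", "Protocol": "tcp", "Initiated": true, "DestinationIp": "10.20.30.40", "DestinationPort": 445}',
    # Outlook connecting over SMB to an external address: the CVE-2023-23397 pattern.
    r'{"EventID": 3, "UtcTime": "2023-03-15 09:00:02.000", "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE", "Protocol": "tcp", "Initiated": true, "DestinationIp": "1.2.3.4", "DestinationPort": 445}',
    # Outlook talking HTTPS to its mail service: not SMB, benign for this rule.
    r'{"EventID": 3, "UtcTime": "2023-03-15 09:00:03.000", "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE", "Protocol": "tcp", "Initiated": true, "DestinationIp": "5.6.7.8", "DestinationPort": 443}',
    # A different process reaching external SMB: out of scope for this rule.
    r'{"EventID": 3, "UtcTime": "2023-03-15 09:00:04.000", "Image": "C:\\Windows\\explorer.exe", "Protocol": "tcp", "Initiated": true, "DestinationIp": "1.2.3.4", "DestinationPort": 445}',
    # Inbound connection to Outlook (Initiated false): not a leak, benign.
    r'{"EventID": 3, "UtcTime": "2023-03-15 09:00:05.000", "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE", "Protocol": "tcp", "Initiated": false, "DestinationIp": "1.2.3.4", "DestinationPort": 445}',
]


def is_internal(ip_str, trusted_networks=()):
    """True if the destination is RFC 1918 / loopback / link-local or inside an
    explicitly trusted network. Unparsable destinations are treated as external
    so that they surface for review rather than being silently dropped."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return True
    return any(ip in ipaddress.ip_network(net, strict=False) for net in trusted_networks)


def is_outlook(image):
    """Match on the executable name regardless of install path or case."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower() == "outlook.exe"


def find_suspicious_smb(lines, trusted_networks=()):
    """Return outbound SMB connections initiated by outlook.exe to external hosts."""
    hits = []
    for line in lines:
        ev = json.loads(line)
        if ev.get("EventID") != 3 or not ev.get("Initiated", False):
            continue
        if str(ev.get("Protocol", "")).lower() != "tcp":
            continue
        port = int(ev.get("DestinationPort", 0))
        if port not in SMB_PORTS or not is_outlook(ev.get("Image", "")):
            continue
        dst = ev.get("DestinationIp", "")
        if is_internal(dst, trusted_networks):
            continue
        hits.append({"time": ev.get("UtcTime"), "dst": dst, "port": port})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_smb(SAMPLE_EVENTS):
        print(f"ALERT outlook.exe -> {hit['dst']}:{hit['port']} at {hit['time']}")
```

Pass your organisation's public ranges in `trusted_networks` (CIDR strings) so Outlook reaching a legitimately hosted share is not flagged. The rule is deliberately scoped to outlook.exe; any process initiating SMB to an external address deserves a separate, broader rule, and the simplest preventive control is to block outbound TCP 445 at the perimeter and on the endpoint firewall.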
We have updated the ISO media on the UIT Software FAS distribution share for the following Microsoft products to the February 2023 release update:
Server 2022 Datacenter/Standard
Windows 11 22H2 Education
Windows 10 22H2 Education
Per Microsoft:
When media is updated after its original release to include additional security and non-security fixes, the month/year of the update will be reflected in the file name.
We are aware that some users are unable to log in to Concur from off campus. The vendor has now identified what is causing the problem, and their team is working on providing a fix for the issue. However, this may take a few days.
Concur has been returned to its previous state and is available for use. UIT continues to work with the vendor to ensure service stability moving forward.
We apologize for the inconvenience this may have caused, and appreciate your patience as we continue to engage the vendor.