Please share the following with your technical teams.
Information Security has noticed a recent Microsoft Outlook zero-day vulnerability (CVE-2023-23397), exploited in the wild, which allows remote attackers to steal hashed passwords.
CVSS Score: 9.8 / Critical
An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash, which could be used as the basis for an NTLM relay attack against another service to authenticate as the user. No user interaction is needed, as exploitation occurs when Outlook is open and the reminder is triggered on the system.
Affected Versions: All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook, including Android, iOS, Mac, and Outlook on the web, as well as other M365 services, are not affected.
An attacker can use the hash to authenticate to services as the user.
We are aware that some users are unable to log in to Concur from off campus. The vendor has now identified what is causing the problem and their team is working on providing a fix for the issue. However, this may take a few days.