Outlook Vulnerability – Critical Threat 3.15.23

March 16, 2023
News
2 min read

URGENT:

Microsoft released information this morning about a critical security vulnerability affecting Microsoft Outlook, and we want to make sure you are aware of it.  This is a very serious vulnerability that is already be exploited “in the wild.”  The Outlook email clients listed below are affected.

Microsoft identifies this vulnerability as CVE-2023-23397 and it is classified as a CRITICAL threat.  This vulnerability allows a remote person to take over your system/access by simply sending you an email, which you view in your Outlook desktop application.  You don’t even need to open the email to be affected by the vulnerability if you have a preview window.

As a result, we strongly advise that you take action to patch user systems within your organization immediately.

More information and remediation details can be found at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397

The following Outlook clients are impacted:

Release DateProductImpactMax SeverityArticleDownload
Mar 14, 2023Microsoft Outlook 2016 (64-bit edition)Elevation of PrivilegeCritical5002254Security Update
Mar 14, 2023Microsoft Outlook 2013 Service Pack 1 (32-bit editions)Elevation of PrivilegeCritical5002265Security Update
Mar 14, 2023Microsoft Outlook 2013 RT Service Pack 1Elevation of PrivilegeCritical5002265Security Update
Mar 14, 2023Microsoft Outlook 2013 Service Pack 1 (64-bit editions)Elevation of PrivilegeCritical5002265Security Update
Mar 14, 2023Microsoft Office 2019 for 32-bit editionsElevation of PrivilegeCriticalClick to RunSecurity Update
Mar 14, 2023Microsoft 365 Apps for Enterprise for 32-bit SystemsElevation of PrivilegeCriticalClick to RunSecurity Update
Mar 14, 2023Microsoft Office 2019 for 64-bit editionsElevation of PrivilegeCriticalClick to RunSecurity Update
Mar 14, 2023Microsoft 365 Apps for Enterprise for 64-bit SystemsElevation of PrivilegeCriticalClick to RunSecurity Update
Mar 14, 2023Microsoft Office LTSC 2021 for 64-bit editionsElevation of PrivilegeCriticalClick to RunSecurity Update
Mar 14, 2023Microsoft Outlook 2016 (32-bit edition)Elevation of PrivilegeCritical5002254Security Update
Mar 14, 2023Microsoft Office LTSC 2021 for 32-bit editionsElevation of PrivilegeCriticalClick to RunSecurity Update

At Tigunia we stand ready to assist you with protecting your computers and users from this threat.  Please contact your TAM or call Support at 866-562-8911 or via email at support@tigunia.com for assistance.