Email Content
Trellix is aware of CVE-2023-23397, recently released by Microsoft. CVE-2023-23397 is a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft. It is recommended that customers patch affected systems. This vulnerability is considered critical, with a CVSS(3.0) score of 9.8.
Due to the severity of this vulnerability, Trellix has created KB article, KB96418 "Trellix coverage for CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability", to provide communication on actions customers can take to mitigate risk in their environment. Subscribe to the article to receive updates pertaining to related coverage and countermeasures.
See Also:
Due to the severity of this vulnerability, Trellix has created KB article, KB96418 "Trellix coverage for CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability", to provide communication on actions customers can take to mitigate risk in their environment. Subscribe to the article to receive updates pertaining to related coverage and countermeasures.
See Also:
- MSRC - Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
- MSRC - Security Updates - Microsoft Outlook Elevation of Privilege Vulnerability
- NIST - CVE-2023-23397 Details
To receive information about product updates, sign up for the Support Notification Service.