all InfoSec news
Micropatch for Microsoft Outlook Notification File NTLM Hash Theft (CVE-2023-23397)
Malware Analysis, News and Indicators - Latest topics malware.news
March 2023 Windows Updates fixed CVE-2023-23397, a vulnerability in Microsoft Outlook that was found to be exploited in the wild since at least January this year. Microsoft revealed very little information but security researcher Dominic Chell of MDSec was quick to figure out what it was about and had a working exploit within hours of Microsoft's update release. Dominic's analysis was released soon thereafter, and POCs started cropping up all over the place.
The vulnerability allows an attacker to …
analysis cropping cve cve-2023-23397 exploit exploited file hash information january march microsoft microsoft outlook notification ntlm outlook pocs release researcher security security researcher theft update updates vulnerability windows windows updates working