Microsoft Warns of Outlook Zero

March 15, 2023 Ian

As we’ve come to expect from Microsoft, the company released its Patch Tuesday fixes for March 2021 today. Among the 80 security vulnerabilities that were patched, two stood out as zero-days being actively exploited in the wild.

One of the zero-days, CVE-2023-23397, is a flaw in Microsoft Outlook that could allow an attacker to execute arbitrary code on a target system. The other, CVE-2023-24880, is a high-severity Elevation of Privilege (EoP) vulnerability in Windows that could be exploited to gain control of an affected system.

CVE-2023-23397, aka “Outlook Zero-day,” has been exploited by a Russian state-sponsored hacking group known as APT29, also known as “The Dukes” and “Cozy Bear,” since at least April 2022. The CVE-2023-24880 EoP flaw, meanwhile, has been exploited by a ransomware group known as REvil, also known as “Sodinokibi,” since February 2021.

So far, there has been no indication that either of these vulnerabilities has been exploited in the wild by any other threat actors. However, given the high severity of both vulnerabilities, it is likely only a matter of time before we see more widespread exploitation.

As always, we recommend that users apply these security updates as soon as possible to help protect their systems. For more information on the individual vulnerabilities that were patched, you can check out Microsoft’s Security Update Summary for March 2021.

Ian

Ian is a tech blogger with a passion for all things technology. He has been writing about the latest gadgets and software for over 5 years, and has become a trusted voice in the tech community. Ian is known for his in-depth reviews and analysis of new products, as well as his ability to explain complex tech concepts in a way that is easy to understand. When he’s not busy blogging, Ian enjoys tinkering with his own gadgets and keeping up with the latest trends in the tech industry. Whether you’re a tech enthusiast or just looking for some helpful tips, Ian’s blog is a must-read for anyone interested in staying up-to-date on the latest tech news and innovations.

See author's posts

More Stories

a pink flowered tree in front of a stone wall

Twitter threatens to lock some accounts as soon as Monday

March 20, 2023 Ian
a herd of water buffalo standing in a muddy field

Hackers can take control of some Samsung or Pixel phones with just your phone number

March 17, 2023 Ian

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

March 17, 2023 Ian

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

two people holding hands over a table with a basket of bread

Newegg’s unique NAS configurator is a handy, but limited, shopping tool

March 21, 2023 Ian
a green bird perched on top of a red pole

Microsoft brings OpenAI’s DALL

March 21, 2023 Ian
the sun is shining over the ocean water

New method gets better performance out of atomically thin transistors

March 21, 2023 Ian
a patio with a table and chairs and a view of the ocean

MacGPT is the next must

March 21, 2023 Ian
a road surrounded by pine trees and snow

You can now download the March Pixel Watch update using that usual trick

March 21, 2023 Ian