Microsoft Warns of Outlook Zero

As we’ve come to expect from Microsoft, the company released its Patch Tuesday fixes for March 2021 today. Among the 80 security vulnerabilities that were patched, two stood out as zero-days being actively exploited in the wild.

One of the zero-days, CVE-2023-23397, is a flaw in Microsoft Outlook that could allow an attacker to execute arbitrary code on a target system. The other, CVE-2023-24880, is a high-severity Elevation of Privilege (EoP) vulnerability in Windows that could be exploited to gain control of an affected system.

CVE-2023-23397, aka “Outlook Zero-day,” has been exploited by APT29, a Russian state-sponsored hacking group also known as “The Dukes” and “Cozy Bear,” since at least April 2022. The CVE-2023-24880 EoP flaw, meanwhile, has been exploited by the ransomware group REvil, also known as “Sodinokibi,” since February 2021.

So far, there has been no indication that either of these vulnerabilities has been exploited in the wild by any other threat actors. However, given the high severity of both vulnerabilities, it is likely only a matter of time before we see more widespread exploitation.

As always, we recommend that users apply these security updates as soon as possible to help protect their systems. For more information on the individual vulnerabilities that were patched, you can check out Microsoft’s Security Update Summary for March 2021.
