Detections
Analytics
CVE-2023-23397
critical
Description
Microsoft Outlook Elevation of Privilege Vulnerability
From the Tenable Blog
Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)
Published: 2023-03-14
Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.
References
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html
https://securityintelligence.com/x-force/itg05-leverages-malware-arsenal/
https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html?&web_view=true
https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html
https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html?&web_view=true
https://www.tenable.com/blog/microsoft-patch-tuesday-2023-year-in-review
https://securityaffairs.com/155420/apt/apt8-exploited-outlook-0day-target-nato.html
https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397/
https://meterpreter.org/proofpoint-uncovers-ta422-apt28s-dedicated-phishing-exploitation-loop/
https://therecord.media/unpatched-microsoft-outlook-email-attacks-fancy-bear
https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html
https://www.mandiant.com/resources/blog/zero-days-exploited-2022
https://www.tenable.com/blog/microsofts-march-2023-patch-tuesday-addresses-76-cves-cve-2023-23397
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397