• Information – Microsoft Critical Privilege Escalation Vulnerability – CVE-2023-23397

    15/03/2023 15:30:00 PM
    Microsoft have released security updates for a critical zero-day vulnerability in Outlook, Office, and Microsoft 365 Apps for Enterprise known as CVE-2023-23397. Microsoft have reported knowledge of targeted exploitation of this privilege escalation vulnerability that could potentially allow a malicious actor (or actors) to undertake credential theft. Investigations have confirmed that the NHSmail platform, which does not utilise NTLM as an authentication method, is not impacted by this vulnerability.

back to top