Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM



Among the latest set of patches released by Microsoft, a fix for CVE-2023-23397 is available to fix an NTLM vulnerability in Outlook for Windows clients. The update closes a hole where attackers can use specially formatted messages to force NTLM credentials to be sent outside the organization.



0 Replies