Subj : Microsoft fixes serious Outlook security flaw, so patch now
To   : All
From : TechnologyDaily
Date : Fri May 12 2023 13:15:03

Microsoft fixes serious Outlook security flaw, so patch now

Date:
Fri, 12 May 2023 12:11:55 +0000

Description:
Hackers have been successfully bypassing a previous Microsoft Outlook patch.

FULL STORY
======================================================================

Microsoft has patched a flaw in its Outlook email service which allowed 
threat actors to bypass a previously issued patch for a privilege escalation 
flaw. A patch for a patch, so to speak. 

Cybersecurity researcher Ben Barnea from Akamai recently discovered a 
zero-click bypass, which is now tracked as CVE-2023-29324. The flaw is 
present in all versions of Outlook, thus everyones vulnerable, he concluded. 

"All Windows versions are affected by the vulnerability. As a result, all 
Outlook client versions on Windows are exploitable," Barnea said. Everyone at 
risk 

Given that the bypass allows threat actors to exploit a known privilege 
escalation vulnerability, IT teams should apply the patch as soon as 
possible. 

The privilege escalation flaw that was patched earlier this year is tracked 
as CVE-2023-23397, it was said. Threat actors that abuse this flaw can engage 
in NTLM-relay attacks and grab NTLM hashes without needing the victims input. 
That can be done by sending a malicious message with extended MAPI 
properties, that contain UNC paths to custom notification sounds, the 
researchers explained at the time. That makes Outlook connect to SMB shares 
under the control of the attackers. Read more 

> Nearly all firms have some kind of cloud misconfiguration issue 


 > Many data breaches are being caused by misconfigured clouds 


 > Here's our list of the best endpoint security software 

To fix the issue, Microsoft included a MapUrlToZone call, which prevents UNC 
patsh from linking to internet URLs, and if they did, the sounds get replaced 
with default reminders. However, Barnea found that the URL in reminder 
messages can be altered, tricking the MapUrlToZone checks and having the 
feature accept remote paths and local paths. Consequently, Outlook ends up 
connecting to a server under the attackers control: 

"This issue seems to be a result of the complex handling of paths in 
Windows," Barnea said. 

The latest fix doesnt work as a standalone, Microsoft warned, saying users 
must apply the fix for both vulnerabilities in order to be protected. 

The company also said that known Russian state-sponsored attackers were 
leveraging these flaws in campaigns against government and military targets. 
These are the best firewalls 

Via: BleepingComputer



======================================================================
Link to news story:
https://www.techradar.com/news/microsoft-fixes-serious-outlook-security-flaw-s
o-patch-now


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.