New Windows Zero-click RCE Flaw Let Attackers Exploit Outlook Clients

Microsoft recently reported that CVE-2023-23397, a critical Outlook vulnerability, is currently being exploited in the wild by a Russian-state-sponsored threat actor known as Forrest Blizzard.  This vulnerability allowed threat actors to exploit an Outlook client by extracting NTLM credentials while establishing a connection to the attacker-controlled server. Moreover, this vulnerability was also known to be […]


The post New Windows Zero-click RCE Flaw Let Attackers Exploit Outlook Clients appeared first on Cyber Security News.


https://cybersecuritynews.com/new-windows-zero-click-rce-flaw/?utm_source=dlvr.it&utm_medium=blogger