![]() ![]() Enable automatic updates, and ensure that your computer is updated after each update cycle.Īn attacker can exploit this vulnerability by sending an email message or calendar invitation that contains a link to an attacker-controlled Windows shared resource.Check for updates depending on your device or operating system.More info: Outlook on the web (aka OWA) – IT Connect (uw.edu) Use the browser to connect rather than your desktop Outlook client until your client is patched.Recommendations for UW students, faculty, and staff Microsoft has also released a brief technical description of the vulnerability which can be found here: The patches may also be downloaded individually at (under “Security Updates”). Running Windows Update on these machines will apply patches for this vulnerability. If you are responsible for any non-UW managed Windows computers (including personal computers running Outlook), you should ensure this patch is applied as soon as possible. ![]() Microsoft has released an update to address this vulnerability as part of this month’s regular Patch Tuesday updates. ![]() It does NOT affect Outlook for Android, iOS, or macOS versions.It does NOT affect online services such as Outlook Web Access (OWA) and Microsoft 365.The vulnerability can be exploited with an email message or a calendar invitation, and ultimately, it allows adversaries to use your login credentials without even knowing your password. On March 14th, Microsoft disclosed a critical security vulnerability (CVE-2023-23397) that affects all supported versions of Microsoft Outlook for Windows. Recommendations for UW students, faculty, and staff. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |