Vulnerabilities

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Regarding: CVE-2023-23397

This is a fast publish, use at own risk.

See guidance from Microsoft: CVE-2023-23397 – Security Update Guide – Microsoft – Microsoft Outlook Elevation of Privilege Vulnerability

If you need to mitigate the latest Outlook vulnerability which abuses an SMB/WebDav call using the Calendar invite feature you can consider the following:

Read more “Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)”
Defence

Office Microsoft Support Diagnostic Tool (MSDT) Vulnerability “Follina”

This is a fast publish!

Confirmed all Office (ISO Install/PRO and 365) when using the Rich Text Format (RTF) method.

Office 365 has some sort of patch against the .DOCX format.

WGET Execution

Read more “Office Microsoft Support Diagnostic Tool (MSDT) Vulnerability “Follina””
Copyright (c) Xservus Limited