Microsoft recently patched a vulnerability in Outlook which was already being exploited by cyber-criminals. This one was especially bad because the user did not even have to open the message to be attacked!
With a specially crafted email, the attackers could steal the user’s authentication information. The range of possible attacks could include data exfiltration to potentially installing malware and more.
This impacts anyone with the desktop version of Outlook and Exchange which is a tremendous number of people. Some called this the “IT” Bug of 2023.
Since the vulnerability has become public and instructions for a proof of concept have been documented, it has been rapidly expanding in criminal circles.
What should you do? Apply the Microsoft patches immediately. If you are unsure how to do that or want automatic patch management, contact ASIS today.