The script will tell you if any users have been targeted by potentially malicious messages and allow you to modify or delete those messages if any are found. Please see the MSRC blog post about this vulnerability for more details.īut if your mailboxes are in Exchange Online or on Exchange Server, after installing the Outlook update, you can use a script we created to see if any of your users have been targeted using the Outlook vulnerability. To address this CVE, you must install the Outlook security update, regardless of where your mail is hosted (e.g., Exchange Online, Exchange Server, some other platform). There is a critical security update for Microsoft Outlook for Windows that is required to address CVE-2023-23397.
Awareness: Outlook client update for CVE-2023-23397 released More details about specific CVEs can be found in the Security Update Guide (filter on Exchange Server under Product Family). Exchange Online customers are already protected from the vulnerabilities addressed in these SUs and do not need to take any action other than updating Exchange servers in their environment, and if applicable, installing the security update for Outlook on Windows described below. These vulnerabilities affect Exchange Server. Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment. The March 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes.
Microsoft has released Security Updates (SUs) for vulnerabilities found in:
0 kommentar(er)
