Microsoft vulnerability can strike before users open ‘malicious’ email: CSE centre
The Canadian Centre for Cyber Security is warning about a significant vulnerability impacting Microsoft email users that allows threat actors to steal victims’ identities.
The alert sent out Wednesday says the advisory from Microsoft was one of “several critical vulnerabilities” published by the company the day before.
“We are flagging this alert this evening due to the seriousness of the vulnerability,” a spokesperson for the Cyber Centre said in an email to Global News Wednesday.
The advisory in question, dubbed CVE-2023-23397 by Microsoft, disclosed a zero-day vulnerability found in an email crafted by threat actors that contains a malicious payload, the agency said.
That payload will cause the victim’s Outlook email client to automatically connect to a universal naming convention agent controlled by the actor who will then receive the user’s password hash, which contains login credentials.
The Cyber Centre warns users can be exploited even prior to the malicious email being opened or previewed by the victim, adding it has confirmed successful instances of the vulnerability being used.
Microsoft users are being advised to install newly-pushed security patches immediately to protect themselves from the vulnerability.
The Cyber Centre’s warnings comes amid a rise in cybersecurity threats and attacks that have impacted Canadian businesses and institutions. Cyberattacks linked to foreign state actors, such as Russian attacks in response to Western support for Ukraine amid the current war with Moscow, are also increasing.
Notably, Microsoft’s cyber security research and analysis team warned on Wednesday that Russian hackers appear to be preparing a renewed wave of cyber attacks against Ukraine, including a “ransomware-style” threat to organizations serving Ukraine’s supply lines.
by Global News