5/26/2023

Microsoft mail web

An attacker can send an email to the victim with an extended MAPI (Microsoft Outlook Messaging API) property containing a UNC (Universal Naming Convention, a string format that specifies the location of a resource) path to an attacker-controlled SMB (TCP 445) share. Once Outlook receives this message, it initiates an NTLM authentication with this SMB share server. The attacker can then use this connection's NTLM negotiation message and relay this authentication against other systems that support NTLM authentication. There is no user interaction required to trigger this vulnerability.

According to Microsoft, "An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user."

This impacts all versions of Microsoft Outlook for Windows. As per the Microsoft blog, other versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services, are not affected.

- Microsoft Office LTSC 2021 for 32-bit editions
- Microsoft Office LTSC 2021 for 64-bit editions
- Microsoft 365 Apps for Enterprise for 64-bit Systems
- Microsoft Office 2019 for 64-bit editions
- Microsoft 365 Apps for Enterprise for 32-bit Systems
- Microsoft Office 2019 for 32-bit editions
- Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
- Microsoft Outlook 2013 Service Pack 1 (32-bit editions)

Microsoft has also provided impact assessment scripts at and detailed the steps to run the script to evaluate the impact.
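A defender-side triage sketch for the mechanism described above, added here and not taken from Microsoft's impact assessment scripts or from the original post: it takes string property values already exported from messages and flags those that are UNC paths to hosts outside the organisation. The trusted DNS suffix, the internal address ranges, the function names and the sample values are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumptions for this sketch: the organisation's file servers live under
# these DNS suffixes, and these ranges are its internal networks.
TRUSTED_SUFFIXES = (".corp.example",)
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Matches \\host\... and the long form \\?\UNC\host\...
_UNC = re.compile(r"^\\\\(?:[?.]\\UNC\\)?(?P<host>[^\\]+)\\", re.IGNORECASE)

def unc_host(value):
    """Return the lower-cased host of a UNC path, or None if not a UNC path."""
    m = _UNC.match(value.strip().replace("/", "\\"))
    if not m or m.group("host") in ("?", "."):   # \\?\C:\... is a local path
        return None
    # Strip WebDAV decorations such as host@SSL@443 or host@8080.
    return m.group("host").split("@", 1)[0].lower()

def classify(value):
    """Verdict for one property value: not-unc, trusted, review or external."""
    host = unc_host(value)
    if host is None:
        return "not-unc"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        if host.endswith(TRUSTED_SUFFIXES):
            return "trusted"
        # Single-label names normally resolve locally; dotted names may not.
        return "external" if "." in host else "review"
    return "review" if any(ip in net for net in INTERNAL_NETS) else "external"

def audit(values):
    """Return (value, verdict) pairs for every value that needs attention."""
    return [(v, c) for v in values if (c := classify(v)) in ("review", "external")]

# Constructed sample values, standing in for strings exported from mailboxes.
SAMPLES = [
    r"\\fs01.corp.example\sounds\chime.wav",
    r"\\203.0.113.10\share\a.wav",
    r"\\files.untrusted.example@SSL@443\share\a.wav",
    r"\\?\UNC\10.1.2.3\share\a.wav",
]

if __name__ == "__main__":
    for value, verdict in audit(SAMPLES):
        print(f"{verdict:8}  {value}")
```

Values marked `external` point at hosts the client would try to authenticate to outside the organisation; `review` covers internal addresses and single-label names that are not on the trusted list.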