Vulnerability Detected - Microsoft Outlook (email)

A new vulnerability within Microsoft Outlook that is malicious and dangerous has been identified – CVE-2023-23397. This vulnerability allows a particular malicious email to enter your mailbox and automatically download a file without the user even opening the email or attachments.

How Do I Mitigate This Risk?

Microsoft has released a patch/update that must be installed to resolve the vulnerability. To ensure you have installed the required update, follow these simple steps:

1. In Outlook, Click on the FILE menu and then click on “Office Account”.
2. Locate the Office Updates section and choose Update Now.
   This will force your account to check for the latest update and will download and install it for you.
   
3. Once the update is downloaded, you must close and re-open Microsoft Office programs for the update to install and for the changes to take effect.

It is recommended that this is completed on ALL local installations of Microsoft Office.

Back to Resources