{"id":618111,"date":"2023-03-15T09:49:11","date_gmt":"2023-03-15T14:49:11","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/03\/15\/russian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now\/"},"modified":"2023-03-15T09:49:11","modified_gmt":"2023-03-15T14:49:11","slug":"russian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/03\/15\/russian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now\/","title":{"rendered":"Russian hackers have been exploiting unknown flaw in Outlook for nearly a year now"},"content":{"rendered":"<article aria-label=\"article\" data-id=\"zGXZj8CRb4VbFQrAD49S4d\">\n<header>\n<nav aria-label=\"Breadcrumbs\">\n<ol>\n<li>\n<a href=\"https:\/\/www.techradar.com\" aria-label=\"Return to Home\">Home<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/news\" aria-label=\"Return to News\">News<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/computing\" aria-label=\"Return to Computing\">Computing<\/a>\n<\/li>\n<\/ol>\n<\/nav>\n<\/header>\n<section>\n<div itemprop=\"image\" itemscope itemtype=\"https:\/\/schema.org\/ImageObject\">\n<div>\n<picture><source type=\"image\/webp\" alt=\"Microsoft Outlook logo on blue background\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\"><source type=\"image\/jpeg\" alt=\"Microsoft Outlook logo on blue background\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\"><img decoding=\"async\" src=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn-320-80.jpg\" alt=\"Microsoft Outlook logo on blue background\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\"><\/picture>\n<\/div>\n<p><meta itemprop=\"url\" content=\"https:\/\/cdn.mos.cms.futurecdn.net\/Un5CRWVYRDC769ZrkZKAjn.jpg\"><br \/>\n<meta itemprop=\"height\" content=\"600\"><br \/>\n<meta itemprop=\"width\" content=\"338\"><figcaption itemprop=\"caption description\">\n<span itemprop=\"copyrightHolder\">(Image credit: Microsoft)<\/span><br \/>\n<\/figcaption><\/div>\n<div id=\"article-body\">\n<p>Microsoft has just issued an update to its Outlook desktop client to protect users from hackers reportedly associated with the Russian military intelligence service GRU.<\/p>\n<p>Official bodies and government agencies appear to have been the key focus of the attack, which took place from as early as April 2022.<\/p>\n<p>The elevation of privilege vulnerability, according to <a href=\"https:\/\/go.redirectingat.com\/?id=92X363&#038;xcust=trdpro_us_3929502272647875600&#038;xs=1&#038;url=https%3A%2F%2Fmsrc.microsoft.com%2Fblog%2F2023%2F03%2Fmicrosoft-mitigates-outlook-elevation-of-privilege-vulnerability%2F&#038;sref=https%3A%2F%2Fwww.techradar.com%2Fnews%2Frussian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now\" target=\"_blank\" data-url=\"https:\/\/msrc.microsoft.com\/blog\/2023\/03\/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability\/\" data-hl-processed=\"skimlinks\" data-placeholder-url=\"https:\/\/go.redirectingat.com\/?id=92X363&#038;xcust=hawk-custom-tracking&#038;xs=1&#038;url=https%3A%2F%2Fmsrc.microsoft.com%2Fblog%2F2023%2F03%2Fmicrosoft-mitigates-outlook-elevation-of-privilege-vulnerability%2F&#038;sref=https%3A%2F%2Fwww.techradar.com%2Fnews%2Frussian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now\" rel=\"sponsored noopener\" referrerpolicy=\"no-referrer-when-downgrade\" data-google-interstitial=\"false\" data-merchant-name=\"SkimLinks - microsoft.com\" data-merchant-id=\"undefined\" data-merchant-url=\"undefined\" data-merchant-network=\"undefined\"><u>Microsoft<\/u><\/a><span> (opens in new tab)<\/span>, only affected Outlook for Windows. macOS, iOS, Android, and web versions of the <a href=\"https:\/\/www.techradar.com\/news\/best-email-provider\"><u>email provider<\/u><\/a> were unaffected during this time.<\/p>\n<h2 id=\"outlook-vulnerability\">Outlook vulnerability<\/h2>\n<p>The summary reads: \u201cMicrosoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft.\u201d<\/p>\n<p>The vulnerability, recognized as critical and denoted the <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-23397\" target=\"_blank\" data-url=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-23397\" rel=\"noopener\"><u>CVE-2023-23397<\/u><\/a><span> (opens in new tab)<\/span> tag, relayed the victim\u2019s NTLM negotiation message to other systems that support NTLM authentication.<\/p>\n<p>The company confirms: \u201cMicrosoft Threat Intelligence assesses that a Russia-based threat actor used the exploit patched in CVE-2023-23397 in targeted attacks against a limited number of organizations in government, transportation, energy, and military sectors in Europe.\u201d<\/p>\n<p>According to a private threat analytics report seen by <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-fixes-outlook-zero-day-used-by-russian-hackers-since-april-2022\/\" target=\"_blank\" data-url=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-fixes-outlook-zero-day-used-by-russian-hackers-since-april-2022\/\" rel=\"noopener\"><u>BleepingComputer<\/u><\/a><span> (opens in new tab)<\/span>, stolen credentials were used for lateral movement within a victim\u2019s network and to change Outlook mailbox folder permissions.<\/p>\n<p>A <a href=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Security\/CVE-2023-23397\/\" target=\"_blank\" data-url=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Security\/CVE-2023-23397\/\" rel=\"noopener\"><u>script<\/u><\/a><span> (opens in new tab)<\/span> compiled by Microsoft aims to help organizations determine whether they were targeted during any attacks exploiting the vulnerability.<\/p>\n<p>The company is now urging customers with 32-bit and 64-bit versions of Outlook installed on their Windows machines (including Outlook 2013, Outlook 2016, Outlook 2019, Office LTSC 2021, and Microsoft 365 Apps for Enterprise) to apply the patch.<\/p>\n<p>Moreover, installing security updates to all software in a timely manner has become an important part of running apps in an effort to maintain the utmost security.<\/p>\n<ul>\n<li>Check out the <a href=\"https:\/\/www.techradar.com\/best\/best-malware-removal\"><u>best malware removal<\/u><\/a> tools<\/li>\n<\/ul>\n<\/div>\n<div data-hydrate=\"true\" data-reactroot id=\"slice-container-newsletterForm-articleInbodyContent\">\n<section>\n<p>Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!<\/p>\n<\/section>\n<\/div>\n<div data-reactroot id=\"slice-container-authorBio\">\n<p>With several years\u2019 experience freelancing in tech and automotive circles, Craig\u2019s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the electrification of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!<\/p>\n<\/div>\n<\/section>\n<p><a href=\"https:\/\/www.techradar.com\/news\/russian-hackers-have-been-exploiting-unknown-flaw-in-outlook-for-nearly-a-year-now\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Clora Buresh<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Home News Computing (Image credit: Microsoft) Microsoft has just issued an update to its Outlook desktop client to protect users from hackers reportedly associated with the Russian military intelligence service GRU.Official bodies and government agencies appear to have been the key focus of the attack, which took place from as early as April 2022.The elevation<\/p>\n","protected":false},"author":1,"featured_media":618112,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[183,776,46],"tags":[],"class_list":{"0":"post-618111","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-hackers","8":"category-russian","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/618111","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=618111"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/618111\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/618112"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=618111"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=618111"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=618111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}