DarrylRH

Members

Kudos

See kudos

SLV reacted to a post in a topic: CVE-2023-23397 Microsoft Mitigates Outlook Elevation of Privilege Vulnerability March 20, 2023
CVE-2023-23397 Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

DarrylRH replied to DM R's topic in General Discussion

Appreciate what you're saying - my understanding is this exploit triggers the Outlook client to initiate an outbound SMB connection via the system process thereby exposing the NTLM hash. ESET Mail Security is running in the inbound side of Exchange edge transport - before the exploit ever reaches the mailbox, and far before the Outlook client comes into play.
- March 18, 2023
- 7 replies
- - 1
- - cve-2023-23397
CVE-2023-23397 Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

DarrylRH replied to DM R's topic in General Discussion

Can we expect ESET Mail Security to quarantine inbound external messages once the detection signatures are made available? (thereby protecting potentially vulnerable Outlook clients)