January 29, 2024 at 09:17AM
A Microsoft Outlook security flaw, CVE-2023-35636, could expose NTLM v2 hashed passwords through a specially crafted file, recently patched by Microsoft. Attackers could exploit it via email or web, convincing users to open the file or click a link. Varonis researcher Dolev Taler reported the bug, highlighting potential leakage vulnerabilities. Microsoft plans to discontinue NTLM in Windows 11 for improved security.
Key takeaways from the meeting notes:
– There was a security flaw in Microsoft Outlook, tracked as CVE-2023-35636 with a CVSS score of 6.5, which allowed threat actors to access NT LAN Manager (NTLM) v2 hashed passwords.
– The flaw was addressed in Microsoft’s Patch Tuesday updates for December 2023.
– The vulnerability could be exploited through email or web-based attack scenarios by convincing users to open a specially crafted file.
– The bug was discovered and reported by Varonis security researcher Dolev Taler, who highlighted that NTLM hashes could be leaked using unpatched attack methods.
– Microsoft announced plans to discontinue NTLM in Windows 11 in favor of Kerberos for improved security.
Let me know if you need further assistance with this information.