#Office2016

Microsoft discloses unpatched Office flaw that exposes NTLM hashes

by

August 10, 2024 at 12:28PM Microsoft disclosed a high-severity vulnerability affecting multiple Office versions, including Office 2016 and Microsoft 365 Apps for Enterprise. Tracked as CVE-2024-38200, the flaw allows unauthorized access to protected information. Although Microsoft is developing security updates, an alternative fix has been released. Blocking outbound NTLM traffic is recommended as a mitigation. … Read more

Microsoft discloses Office zero-day, still working on a patch

by

August 9, 2024 at 12:17PM Microsoft has identified a high-severity zero-day vulnerability in Office 2016 and later, for which a patch is yet to be released. Based on the meeting notes, the key takeaway is that Microsoft has announced a high-severity zero-day vulnerability impacting Office 2016 and later versions that is still awaiting a patch. … Read more