Mark One Consultants Blog - IT news & technology tips

Our Channel

Sharing our news with you.

The world of IT moves fast - really fast. We have created this space so we can share with you the most relevant news, reviews and information from around the IT and Mark One world.

Content type

Content categories






Security Alert! Microsoft Outlook Security Vulnerability Detected

by Simon Wetherell - Fri 17 Mar 2023

In today's digital age, cybercrime has become a significant threat to individuals and businesses alike. Cybercriminals are always on the lookout for vulnerabilities in software and systems, which they can exploit to gain unauthorised access to sensitive data. This week, a serious security vulnerability was discovered in Microsoft Outlook, which is currently being exploited by cybercriminals. The vulnerability, identified as CVE-2023-23397, has a CVSS score of 9.8 (out of 10), making it a highly critical threat. We are awaiting confirmation of which Microsoft Outlook versions are affected, but can confirm online services such as Microsoft 365 (which do not support NTLM authentication) are thankfully not vulnerable to being attacked by these messages.

This vulnerability allows an attacker to compromise systems by sending a specially crafted email to a user. The email is designed to exploit the vulnerability in the Microsoft Outlook client, which allows the attacker to gain unauthorised access to the victim's account and authenticate themselves on various Microsoft services. What makes this vulnerability particularly concerning is that no end-user interaction is necessary. Simply receiving the malicious email within the Windows app version of Microsoft Outlook is enough to compromise the system.

If you are therefore using Microsoft Outlook on a Windows computer with an on-premises email server, it is crucial to take immediate action to protect your system. Microsoft has released an article here for this vulnerability, and it is recommended that you action this as soon as possible. Additionally, all of our SpamShield customers are protected against this security vulnerability. Any emails attempting to exploit this vulnerability will be quarantined and will not appear in your mailbox.

It is also recommended that you remain vigilant and cautious when receiving emails, particularly those from unknown senders or with suspicious attachments or links. Be sure to verify the authenticity of the sender before opening any attachments or clicking on any links. We highly recommend keeping systems up to date with the latest security patches while utilising quality endpoint security software, such as the suite of products offered by our partner Eset.

We will continue to monitor developments regarding this Microsoft Security Vulnerability and will publish more information as it becomes available. Please contact us if you are concerned. Also, forward this information onto other colleagues or businesses you feel may benefit.

You might also be interested in...

Reducing costly downtime with your IT Systems

Reducing costly downtime with your IT Systems

Thu 02 Mar 2023
5 Reasons your Business Needs a Qualified IT Consultant

5 Reasons your Business Needs a Qualified IT Consultant

Mon 06 Feb 2023
Our New Measure of Technology… An MOT for your IT

Our New Measure of Technology… An MOT for your IT

Tue 03 Jan 2023
Show more
Would you pass an IT MOT?

We have developed a detailed Measure of Technology (MOT) for your business that will analyse and review your IT infrastructure and provide you with a system health check. Once our qualified technician has completed the MOT you will receive a detailed report on your IT infrastructure, including; future advisories, minor defects, and system critical defects (SCD).

  • Performed by qualified technicians
  • Conducted face-to-face at your premises
  • Comprehensive report upon completion
  • 50% off for a limited time!