Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 CRITICAL). The publication generated a lot of activity among white, grey and black hat researchers, as well as lots of publications and tweets about the vulnerability and its exploitation.

In this post Kaspersky researchers highlight the key points and then focus on the initial use of this vulnerability by attackers before it became public.

Read more…
Source: Kaspersky