Microsoft has fixed an issue that triggers incorrect Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates.
The December Patch Tuesday security updates behind these incorrect warnings patch CVE-2023-35636, a Microsoft Outlook information disclosure vulnerability that attackers can exploit to steal NTLM hashes through maliciously crafted files.
These credentials are used to authenticate as the compromised Windows user in pass-the-hash attacks, to gain access to sensitive data or spread laterally on their network.
Microsoft 365 users impacted by this issue see dialog boxes warning them that “Microsoft Office has identified a potential security concern” and that “This location may be unsafe” when double-clicking ICS files saved locally.
“This behavior isn’t expected when opening .ICS files. This is a bug and will be addressed in a future update,” the Outlook Team said in February when Microsoft first acknowledged this known issue.
Microsoft has now found a fix for this issue and is shipping it with Outlook for Microsoft 365 Version 2404 Build 17531.20000 in the Beta Channel. Those affected can test the fix if they’re in the Office Insider Channels.
Current Channel users can expect to receive a fix for the issue on April 30th. Once the fix has been tested in production, it will be backported to Version 2402 for the Semi-Annual Enterprise Channel (Preview) during the June 2024 Patch Tuesday.
Until the fix is released to all affected users, those who are experiencing the issue can use a registry key to temporarily disable the incorrect security notifications.
However, it is important to note that when this workaround is deployed, you will also stop receiving security prompts for all other potentially dangerous file types.
To apply the workaround, you have to add a new DWORD key with a value of ‘1’ to:
- HKEY_CURRENT_USER\software\policies\microsoft\office\16.0\common\security (Group Policy registry path)
- Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security (OCT registry path)
Affected Outlook users can also disable the warning dialogs by following the instructions in the ‘Enable or disable hyperlink warning messages in Office programs’ support document.
Redmond fixed another known Outlook issue last month, one that caused some Outlook desktop clients to stop syncing to email servers via Exchange ActiveSync.
The company also addressed a bug behind Outlook.com connection issues on desktop and mobile email clients in February.