Late last week Microsoft issued a high alert warning for a vulnerability in Outlook. The vulnerability affects all currently supported versions of Microsoft Outlook for Windows. 

Microsoft has rated this exploit a 9.8 out of 10. CVE-2023-23397 is a Microsoft Outlook elevation of privilege vulnerability that, according to the Microsoft Security Resource Center (MSRC), has already been used by a "Russia-based threat actor" in targeted attacks against government, transport, energy, and military sectors in Europe. Using this vulnerability, an attacker can steal user login credentials and gain access your systems and data. Notable is that an attacker can exploit this vulnerability merely by sending the victim a specifically crafted email or message. Thus, making it a non-user interaction required exploit. Microsoft has released a critical update.