Microsoft fixes Outlook security alerts bug caused by December updates

Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates.

The December Patch Tuesday security updates behind these inaccurate warnings patch the CVE-2023-35636 Microsoft Outlook information disclosure vulnerability, which attackers can exploit to steal NTLM hashes via maliciously crafted files.

These credentials are used to authenticate as the compromised Windows user in pass-the-hash attacks, to gain access to sensitive data or spread laterally on their network.

Microsoft 365 users impacted by this issue see dialog boxes warning them that “Microsoft Office has identified a potential security concern” and that “This location may be unsafe” when double-clicking ICS files saved locally.

“This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update,” the Outlook Team said in February when Microsoft first acknowledged this known issue.

Microsoft has now found a fix for this issue and is shipping it with Outlook for Microsoft 365 Version 2404 Build 17531.20000 in the Beta Channel. Those affected can test the fix if they’re in the Office Insider Channels.

Current Channel users can expect to receive a fix for the issue on April 30th. Once the fix has been tested in production, it will be backported to Version 2402 for the Semi-Annual Enterprise Channel (Preview) during the June 2024 Patch Tuesday.

Until the fix is released to all affected users, those who are experiencing the issue can use a registry key to temporarily disable the erroneous security notifications.

However, it is important to note that when this workaround is deployed, you will also stop receiving security prompts for all other potentially dangerous file types.

To apply the workaround, you need to add a new DWORD key with a value of ‘1’ to:

  • HKEY_CURRENT_USER\software\policies\microsoft\office\16.0\common\security (Group Policy registry path)
  • Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security (OCT registry path)

Affected Outlook users can also disable the warning dialogs by following the instructions in the ‘Enable or disable hyperlink warning messages in Office programs’ support document.

Redmond fixed another known Outlook issue last month that caused some Outlook desktop clients to stop syncing to email servers via Exchange ActiveSync.

The company also addressed a bug behind Outlook.com connection issues on desktop and mobile email clients in February.
