Security Bulletin: Critical Microsoft Outlook exploit requires immediate security update

Microsoft has released security updates for Windows and Outlook that all users should apply immediately, as they address several critical security vulnerabilities that have already been exploited by Russian hackers.

If your organization’s computers are enrolled in Macktez Workstation Management, we were able to ensure that all PCs were up to date. Macktez even remotely rebooted computers that still needed a restart in order to apply the security patches.

If your organization’s computers are not enrolled in Macktez Workstation Management, you should apply updates right away to make sure that Windows and Outlook are current.

– Select Start  > Settings  > Windows Update

– Then select Check for updates.

– If updates are available, choose to install them.

Or go to this Microsoft Support page and click the “Check for updates” button.

If you need any help with this or have any questions, please email us to let us know what the issue is.

In addition, if your mail provider is Microsoft 365, Macktez is available to run a script that checks accounts to see if this vulnerability has been exploited at your organization.

What’s really going on?

The vulnerability allows hackers to send you a specially-formatted email or calendar invite that can share an important part of your Windows internal password management tool. This, in turn, can allow hackers to try for more targeted attacks.

The exploit appears to have been used by state-sponsored hackers in Russia against targets in Ukraine for at least the past year. If you are not involved in that conflict, it is highly unlikely that your organization has been targeted. But now that Microsoft has announced the vulnerability, bad actors everywhere are aware of it and have likely already started trying to use it against unpatched systems.

Note: macOS, iOS, and Android versions of Outlook do NOT have the same vulnerability.

Best practices

Microsoft regularly updates Windows and other Microsoft applications on the second Tuesday of every month (“Patch Tuesday”). Not all updates are as critical as this month’s, but they are all important and recommended — you should keep automatic updates on and restart your computer at least weekly to make sure that patches are fully applied and your system is current.

Macktez Workstation Management provides a core set of tools on end-user computers that allow us to manage software patching, antivirus and malware protection, and standard security policies such as screen lock and local encryption. Our clients with workstations enrolled in this subscription are guaranteed to have the latest security updates already installed, and this week we were able to issue a reboot command to any workstations that hadn’t yet completed the latest updates. If you’d like your organization to have the same protection, contact us and we can meet to discuss your options.