A Security Update has been released for Outlook 2013. It resolves the following vulnerability;
- CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
- This vulnerability is currently not publicly disclosed but it is exploited.
- The exploit for this vulnerability can be triggered automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane.
- The Exploitability Assessment is rated: Exploitation Detected.
Exchange administrators can use this script to analyze whether mailboxes have been targeted by potentially malicious messages.
View: Download information for KB5002265
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5537.1000.