Jump to content
  • Microsoft Outlook December updates trigger ICS security alerts


    Karlston

    • 1 comment
    • 668 views
    • 2 minutes
     Share


    • 1 comment
    • 668 views
    • 2 minutes

    Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.

     

    Microsoft 365 users affected by this issue report seeing dialog boxes warning them that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe" when double-clicking ICS files saved locally.

     

    "This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update," Microsoft explains in this support document.

     

    The company also revealed that the security warning will be displayed after deploying a security update that patches the CVE-2023-35636 Microsoft Outlook information disclosure vulnerability.

     

    If left unpatched, the security flaw can be exploited by attackers to trick users of unpatched Outlook installations into opening maliciously crafted files to steal NTLM hashes (their obfuscated Windows credentials).

     

    The attackers can later use them to authenticate as the compromised user, gain access to sensitive data, or spread laterally on their network.

     

    Microsoft_Outlook_ICS_security_alert.jpg

    Microsoft Outlook ICS security notice (Tim Benedict)

    Workaround available

    Until a resolution is available, Redmond shared a temporary fix for those impacted in the form of a registry key that would disable the security notice.

     

    However, once this workaround is deployed, it's also important to note that you'll stop receiving security prompts for all other potentially dangerous file types, not just ICS calendars.

     

    Those affected by this known issue have to add a new DWORD key with a value of '1' to:

     

    • HKEY_CURRENT_USER\software\policies\microsoft\office\16.0\common\security (Group Policy registry path)
    • Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security (OCT registry path)

     

    Impacted customers can also disable the dialog by following the step-by-step instructions available in the 'Enable or disable hyperlink warning messages in Office programs' support document.

     

    Microsoft fixed another known Outlook issue earlier this month, causing desktop and mobile email clients to fail to connect when using Outlook.com accounts.

     

    In December, the company addressed two more bugs causing problems for users with lots of folders when sending emails and one more causing Outlook Desktop clients to crash when sending emails from Outlook.com accounts.

     

    Source


    User Feedback

    Recommended Comments

    I would say this is laughable, but for Microsoft it is par for the course. Then again, does anyone at Microsoft know what the hell they are doing? Or are they feeling Empowered (tm)?

     

    I will refrain from taking my usual potshots at Nadella,  because it's obvious he has NEVER know what the hell he's doing.

    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...