High Severity Vulnerability present in Microsoft Outlook for Windows
Microsoft released a patch for a critical vulnerability affecting all windows based versions of Outlook at the end of March 2023.
What should you do?
If you are a GroupSupport client partaking in Monitoring, Performance Management and Patching services the updates should have already been applied during recent patching runs.
If you manage your own updating you should apply all the current updates for your version of Microsoft Outlook as the recent patch mitigates the issue.
Where updating is not possible due to requirements to maintain at certain versions for third-party software compatibility (rare) we recommend you contact your third-party software vendor to register concern and query the status of patches for the third-party software to bring compatibility up to the current versions of the Microsoft Suite.
This vulnerability also identifies two vulnerable ports specifically which are already secured under standard GroupSupport policy. If you purchased your router from GroupSupport or had our team configure your router then these ports are already blocked.
More information is available on the vulnerability here https://www.cyber.gov.au/acsc/view-all-content/alerts/high-severity-vulnerability-present-microsoft-outlook-windows
