Microsoft is looking into an issue that causes Outlook security alarms when users attempt to view ICS calendar files. It was taken into consideration after installing the December 2023 Patch Tuesday Office security upgrades.
This problem affects Microsoft 365 users. When double-clicking ICS files stored locally, they warn that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe".
On this support page, Microsoft notes that "This behavior is not expected when opening ICS files." This is an issue, which will be fixed in a future release.
The corporation also stated that the security alert will appear when a security update is deployed. Later, it will address the CVE-2023-35636 Microsoft Outlook information disclosure issue.
If the information is not fixed, attackers can leverage the security hole to deceive users of unpatched Outlook installations. It enables them to access maliciously constructed files and steal NTLM hashes (their obfuscated Windows credentials).
Attackers can then utilize them to
- Authenticate as the hacked user.
- Get access to sensitive info.
- Spread laterally over their network.
In the interim, Redmond provided a temporary remedy for anyone who had previously been afflicted by this malicious behavior. However, it is crucial to remember that you will no longer receive security alerts for any other potentially harmful file formats, including ICS calendars. Those impacted by this known problem must create a new DWORD key with the value '1' to:
- HKEY_CURRENT_USERsoftwarepoliciesmicrosoftoffice16.0commonsecurity (group policy registry path)
- ComputerHKEY_CURRENT_USERSoftwareMicrosoftOffice16.0CommonSecurity (OCT registry path).
- The afflicted users can also disable the dialog by following the step-by-step instructions in the support article 'Enable or disable hyperlink warning messages in Office products'.
It has also been noted that Microsoft resolved another known Outlook bug earlier this month. It causes desktop and mobile email applications to fail to connect to Outlook.com accounts.
In December, the business resolved two further problems. These flaws were causing issues for users with multiple folders while sending emails. Additionally, it causes Outlook Desktop clients to break when sending emails from Outlook.com accounts.