Microsoft Outlook December Updates Trigger Ics Security Alerts

Outlook

Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.

Microsoft 365 users affected by this issue report seeing dialog boxes warning them that “Microsoft Office has identified a potential security concern” and that “This location may be unsafe” when double-clicking ICS files saved locally.

“This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update,” Microsoft explains in this support document.

The company also revealed that the security warning will be displayed after deploying a security update that patches the CVE-2023-35636 Microsoft Outlook information disclosure vulnerability.

If left unpatched, the security flaw can be exploited by attackers to trick users of unpatched Outlook installations into opening maliciously crafted files to steal NTLM hashes (their obfuscated Windows credentials).

The attackers can later use them to authenticate as the compromised user, gain access to sensitive data, or spread laterally on their network.

Microsoft Outlook ICS security notice
Microsoft Outlook ICS security notice (Tim Benedict)

​Workaround available

Until a resolution is available, Redmond shared a temporary fix for those impacted in the form of a registry key that would disable the security notice.

However, once this workaround is deployed, it’s also important to note that you’ll stop receiving security prompts for all other potentially dangerous file types, not just ICS calendars.

Those affected by this known issue have to add a new DWORD key with a value of ‘1’ to:

  • HKEY_CURRENT_USER\software\policies\microsoft\office\16.0\common\security (Group Policy registry path)
  • Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security (OCT registry path)

Impacted customers can also disable the dialog by following the step-by-step instructions available in the ‘Enable or disable hyperlink warning messages in Office programs‘ support document.

Microsoft fixed another known Outlook issue earlier this month, causing desktop and mobile email clients to fail to connect when using Outlook.com accounts.

In December, the company addressed two more bugs causing problems for users with lots of folders when sending emails and one more causing Outlook Desktop clients to crash when sending emails from Outlook.com accounts.


Original Source


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.