Microsoft Outlook Elevation of Privilege Vulnerability

21 March 2023
A vulnerability in Microsoft Outlook has been identified that has the risk of credential theft where an attacker can steal a legitimate users’ credentials for unauthorised access and elevation of privileges to an organisation’s information and systems.

The alert is applicable to all funded organisations that use supported versions of Microsoft Outlook for Windows.

What do I need to do? 

Please alert your IT department or your IT service provider about this vulnerability.

Where can I get more information?

You can get more information about the Microsoft Outlook vulnerability from the VPDSS SharePoint site:

For those agencies that do not have access to the VPDSS SharePoint site you can access information about the Microsoft vulnerability from Microsoft: