According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. Is the Preview Pane an attack vector for this vulnerability? Yes. The Preview Pane is an attack vector, but additional user interaction is required. What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of NetNTLMv2 hashes. After I installed the July 2023 security updates for Outlook, I can no longer access UNC, SMB, or file:// type URLs from my Outlook. How do I prevent this from happening? The July 2023 Outlook security updates limit access to UNC, SMB, and file:// type URLs to only those the system identifies as Local, Intranet, or Trusted Sites. Additionally, when you click a link for one of these UNC, SMB, or file:// type URLs, a confirmation dialog will be displayed. To ensure continued access, add the URL, UNC, or FQDN path to the Trusted Site Zone as described in Intranet site is identified as Internet site - Windows Client | Microsoft Learn. For more information see Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023.
Jordan Hopkins - Rootshell Security