CVE-2017-8572

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions 2007 SP3 through 2016

Description An information disclosure issue exists due to the way Microsoft Outlook discloses the contents of its memory. This occurs when Microsoft Outlook fails to properly validate authentication requests, allowing an attacker to potentially trick a user into disclosing their NTLM hash, which could then be used in a brute-force attack to disclose the corresponding hash password.

Recommendations For Microsoft Outlook versions 2007 SP3 through 2016, update to a version that includes the fix for this issue to prevent information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.