FIX Outlook Client Vulnerability | Force Office Apps Update using Intune SCCM Manual Task Scheduler
Let's discuss FIX Outlook Client Vulnerability and Force Office Apps Update using Intune SCCM Manual Task Scheduler in this video.
More Details - FIX Zero Day Security Vulnerability for Outlook - https://www.anoopcnair.com/zero-day-v...
#msintune #msoutlook #microsoftintune #microsoft365 #configmgr #windows #windows365
==
Intune Policy to force Office Apps Update • How to Quickly Expedite Office Update...
Let’s check the Intune Policy to Force Office Apps to a Target Version. You can use the Settings Catalog (more details Create Intune Settings Catalog Policy). Settings Catalog supports Windows device platforms.
==
FIX: Outlook Client Vulnerability
Office Vulnerability
Force Update using Intune
Secure Outlook client
==
CVE-2023-23397 Microsoft Outlook
CVE-2023-23397 is Microsoft Outlook Elevation of Privilege Vulnerability and is not publicly disclosed. It's already confirmed that the exploitation was detected.
This issue is regardless of where your mail is hosted (e.g., Exchange Online, Exchange Server, or some other platform).
==
Mitigation Outlook Client Issue if there is a bigger challenge with version upgrade?
The guidance below provides additional mitigation that can reduce the risk of WebDAV based attacks until the updated versions can be applied.
Customers can disable the WebClient service running on their organization’s machines, similar to our recommendation of blocking TCP/445 traffic.
More Details https://msrc.microsoft.com/update-gui...
==
Impacted Versions of Outlook Client with CVE-2023-23397 EOL?
The only impacted version of the Outlook client is the Windows Outlook client
There is NO impact for other versions of Microsoft Outlook such as Android, iOS, and Mac, as well as Outlook on the web and other M365 services.
==
Fix Outlook Client Zero-Day Vulnerability CVE-2023-23397?
There are different methods to fix by updating the Office apps to the latest version!
Manual
SCCM
Intune
Group Policy
==
Impact assessment PowerShell script Outlook Client Zero-Day Vulnerability CVE-2023-23397?
Impact assessment using PS CVE-2023-23397.ps1 Download from https://microsoft.github.io/CSS-Excha...
==
Registry Entry for Officee Build Number
In the Registry Editor app, go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\Provider ID\default\Device\office16~Policy~L_MicrosoftOfficemachine~L_Updates.
==
Office Apps Build Numbers
All the supported channels were updated on 14th March with a fix.
Check out the build number. Will use that for Intune policy.
Current Channel 2302 16130.20306
Monthly Enterprise Channel 2301 16026.20238
Monthly Enterprise Channel - 2212 15928.20298
Semi-Annual Enterprise Channel (Preview) - 2302, 16130.20306
Semi-Annual Enterprise Channel - 2208, 15601.20578
Semi-Annual Enterprise Channel - 2202, 14931.20944
==
Force Update PS Script? Proactive Remediation Script
$ExePath = 'C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe' $Options = '/update USER updateuserprompt=true forceappshutdown=true displaylevel=true' Start-Process -FilePath $($ExePath) -ArgumentList $($Options) -Passthru –Wait
https://gist.github.com/nicolonsky/b0...
https://twitter.com/woodyinwoodley/st...
==
SCCM - Fix SCCM: Outlook Client Zero-Day Vulnerability
Use SCCM patching mechanism to deploy Office 365 client updates.
Use Automatic deployment rules to create and deploy latest patches for Microsoft 365 apps that includes Outlook client app as well.
https://www.anoopcnair.com/sccm-creat...
==
Intune - Fix Intune: Outlook Client Zero-Day Vulnerability
Settings Catalog supports Windows device platforms.
Search for Target Version and set the policy
Target Version Enabled:
Update Version (Device) to 16.0.16130.20298
https://www.anoopcnair.com/sccm-creat...
==
More Microsoft Links and Scripts
https://techcommunity.microsoft.com/t...
https://learn.microsoft.com/en-us/mem...
https://msrc.microsoft.com/blog/2023/...
==
Task Scheduler Clear the registry key: Go to \SOFTWARE\Microsoft\Office\ClickToRun\Updates.
Double-select the UpdateDetectionLastRunTime key, delete the value data -OK.
Use Task Scheduler to update the Office Versions and Force the Office update.
Office Automatic Updates 2.0 - This task ensures that your Microsoft Office installation can check for updates.
==
Fix Manual: Outlook Client Zero-Day Vulnerability
You can check the version by clicking Select File - Office Account - Office Updates and selecting the About Outlook button.
Microsoft 365 MSO
