InfoSecBulletin Cybersecurity for mankind
Microsoft is looking into a problem with Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
Microsoft 365 users report a problem that they receive warning messages when they try to open locally saved ICS files. The messages indicate a possible security risk.
“This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update,” Microsoft explains in this support document.
The company announced that a security warning will appear after installing an update that fixes the CVE-2023-35636 Microsoft Outlook information disclosure vulnerability.
If not fixed, the security flaw can be used by attackers to trick users of unpatched Outlook into opening files to steal Windows credentials.
Attackers can later use the compromised user’s authentication to gain access to sensitive data or spread throughout the network.
