Microsoft is currently investigating an issue related to Outlook security alerts that arise when attempting to open .ICS calendar files subsequent to installing the December 2023 Patch Tuesday Office security updates. This problem primarily affects Microsoft 365 users, who report encountering dialog boxes warning of potential security concerns when attempting to open locally saved ICS files. The issue, described by Microsoft as unexpected behavior, stems from a bug and is slated for resolution in a forthcoming update, as stated in a support document.
Moreover, Microsoft disclosed that the security warning stems from a security update designed to patch the CVE-2023-35636 vulnerability in Microsoft Outlook. Left unaddressed, this vulnerability could be exploited by malicious actors to deceive users of unpatched Outlook installations into opening maliciously crafted files to pilfer NTLM hashes, their obfuscated Windows credentials. These compromised credentials could then be used by attackers to authenticate as the affected user, potentially gaining access to sensitive data or spreading laterally across the network.
Microsoft has provided a temporary workaround for affected users, involving the deployment of a registry key to disable the security notice. However, it’s crucial to note that implementing this workaround will also prevent users from receiving security prompts for other potentially risky file types, not just ICS calendars. Impacted customers are advised to add a new DWORD key with a value of ‘1’ to specific registry paths or follow detailed instructions available in support documents to disable the dialog.
In addition to addressing the current issue, Microsoft has also resolved other known Outlook-related bugs earlier, such as issues causing email clients to fail to connect and crashes when sending emails. These ongoing efforts highlight Microsoft’s commitment to maintaining the security and functionality of its Outlook platform, ensuring a seamless and secure experience for users worldwide.