A Microsoft Outlook bug has been discovered jeopardizing the security of the Microsoft 365 suite. Tagged as CVE-2023-23397, the bug enables a threat actor to access user credentials by passing along a specially crafted email package. It reportedly features a high ‘wormability’ factor with no user interaction required in most instances. The flaw affects several applications, including MS Office 2019, 2016, 2013, and LTSC.