QID 110437

Date Published: 2023-06-14

QID 110437: Microsoft Outlook Remote Code Execution Vulnerability for June 2023

Microsoft has released June 2023 security updates for Outlook to fix a Remote Code Execution vulnerability.

This security update contains the following KBs:
KB5002387
KB5002382

QID Detection Logic:
QID Detection Logic (Authenticated):
Operating System: Windows
The detection extracts the install path for Microsoft Office from the Windows Registry. The QID checks the file version of "graph.exe" to identify vulnerable versions of Microsoft Office. Patched versions for Microsoft 365 Apps for enterprise, Microsoft 365 Apps for business, Office 2016 Retail (C2R), Office 2019, Office LTSC 2021, and Office 2021 are as follows:
Current Channel: Version 2305 (Build 16.0.16501.20210)
Monthly Enterprise Channel: Version 2304 (Build 16.0.16327.20324)
Monthly Enterprise Channel: Version 2303 (Build 16.0.16227.20354)
Semi-Annual Enterprise Channel (Preview): Version 2302 (Build 16.0.16130.20580)
Semi-Annual Enterprise Channel: Version 2208 (Build 16.0.15601.20680)
Semi-Annual Enterprise Channel: Version 2202 (Build 16.0.14931.21024)
Office 2021 Retail: Version 2305 (Build 16.0.16501.20210)
Office 2019 Retail: Version 2305 (Build 16.0.16501.20210)
Office 2016 Retail: Version 2305 (Build 16.0.16501.20210)
Office LTSC 2021 Volume Licensed: Version 2108 (Build 16.0.14332.20517)
Office 2019 Volume Licensed: Version 1808 (Build 16.0.10399.20000)
For traditional MSI installations, the following KBs and file versions are required:
KB5002387 - 16.0.5395.1000 (outlook.exe)
KB5002382 - 15.0.5559.1000 (emsmdb32.dll)
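The following PowerShell script is an added example that reproduces the authenticated check described above on a local host; it is not Qualys's detection code. It assumes the standard Click-to-Run configuration key (HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration), the Outlook InstallRoot keys for MSI builds, and the well-known Office CDN channel GUIDs; those locations and GUIDs are not stated on this page and should be verified against Microsoft's update-channel documentation before relying on the result.

```powershell
# Added example (not Qualys's detection logic): local re-implementation of the QID 110437 check.
# Assumptions not stated on the page: the Click-to-Run registry key, the channel GUID mapping
# and the MSI InstallRoot keys are the standard Office locations.
$ErrorActionPreference = 'Stop'

# Minimum patched builds per update channel, copied from the advisory.
# Keys are the Click-to-Run UpdateChannel CDN GUIDs (assumed mapping; verify against Microsoft docs).
$PatchedC2R = @{
    '492350f6-3a01-4f97-b9c0-c7c6ddf67d60' = @{ Name = 'Current Channel (incl. 2016/2019/2021 Retail)'; Builds = @('16.0.16501.20210') }
    '55336b82-a18d-4dd6-b5f6-9e5095c314a6' = @{ Name = 'Monthly Enterprise Channel';                    Builds = @('16.0.16327.20324', '16.0.16227.20354') }
    'b8f9b850-328d-4355-9145-c59439a0c4cf' = @{ Name = 'Semi-Annual Enterprise Channel (Preview)';      Builds = @('16.0.16130.20580') }
    '7ffbc6bf-bc32-4f92-8982-f9dd17fd3114' = @{ Name = 'Semi-Annual Enterprise Channel';                Builds = @('16.0.15601.20680', '16.0.14931.21024') }
    '5440fd1f-7ecb-4221-8110-145efaa6372f' = @{ Name = 'Office LTSC 2021 Volume Licensed';              Builds = @('16.0.14332.20517') }
    'f2e724c1-748f-4b47-8fb8-8e0d210e9208' = @{ Name = 'Office 2019 Volume Licensed';                   Builds = @('16.0.10399.20000') }
}

function Get-FileVersionSafe {
    # Build a [version] from the numeric parts so stray text in FileVersion cannot break the cast.
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    [version]('{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
}

function Test-PatchedBuild {
    # Compare inside the same build line (16.0.16327.x against 16.0.16327.20324): a channel can have
    # several supported lines at once. A build line newer than anything listed is assumed fixed;
    # an older line than all listed ones is out of support and therefore still vulnerable.
    param([version]$Installed, [string[]]$PatchedBuilds)
    $patched = @($PatchedBuilds | ForEach-Object { [version]$_ } | Sort-Object -Descending)
    $sameLine = @($patched | Where-Object { $_.Build -eq $Installed.Build })
    if ($sameLine.Count -gt 0) { return ($Installed -ge $sameLine[0]) }
    return ($Installed.Build -gt $patched[0].Build)
}

function Test-ClickToRunOffice {
    $cfg = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
    if (-not (Test-Path $cfg)) { return }
    $p = Get-ItemProperty -Path $cfg
    $channelUrl = if ($p.UpdateChannel) { $p.UpdateChannel } else { $p.CDNBaseUrl }
    $channelId  = (($channelUrl -split '/')[-1]).ToLower()          # CDN URL ends in the channel GUID
    $graph = Join-Path $p.InstallationPath 'root\Office16\graph.exe' # the file the QID inspects
    $ver = Get-FileVersionSafe $graph
    if (-not $ver) { $ver = [version]$p.VersionToReport }            # fall back to the reported build
    $entry = $PatchedC2R[$channelId]
    [pscustomobject]@{
        Install = 'Click-to-Run'
        Channel = if ($entry) { $entry.Name } else { "unknown ($channelId)" }
        Version = $ver
        Patched = if ($entry) { Test-PatchedBuild $ver $entry.Builds } else { $null }
    }
}

function Test-MsiOutlook {
    # MSI builds: compare the exact files and minimum versions named in the KBs.
    $checks = @(
        @{ Key = 'HKLM:\SOFTWARE\Microsoft\Office\16.0\Outlook\InstallRoot'; File = 'outlook.exe';  Min = [version]'16.0.5395.1000'; KB = 'KB5002387' },
        @{ Key = 'HKLM:\SOFTWARE\Microsoft\Office\15.0\Outlook\InstallRoot'; File = 'emsmdb32.dll'; Min = [version]'15.0.5559.1000'; KB = 'KB5002382' }
    )
    foreach ($c in $checks) {
        # 32-bit Office on 64-bit Windows registers under WOW6432Node.
        foreach ($key in @($c.Key, $c.Key.Replace('SOFTWARE\', 'SOFTWARE\WOW6432Node\'))) {
            if (-not (Test-Path $key)) { continue }
            $root = (Get-ItemProperty -Path $key).Path
            $ver  = Get-FileVersionSafe (Join-Path $root $c.File)
            if ($ver) {
                [pscustomobject]@{ Install = "MSI ($($c.KB))"; Channel = 'n/a'; Version = $ver; Patched = ($ver -ge $c.Min) }
            }
        }
    }
}

$results = @(Test-ClickToRunOffice) + @(Test-MsiOutlook)
if ($results.Count -eq 0) { Write-Output 'No Office installation found.'; exit 0 }
$results | Format-Table -AutoSize
# Non-zero exit when any install is below the patched build, so the script can feed a scheduler or SCCM baseline.
if ($results | Where-Object { $_.Patched -eq $false }) { exit 1 } else { exit 0 }
```

Run it in an elevated PowerShell on the target host. A Click-to-Run install also creates the 16.0 InstallRoot key, so both rows may appear for one machine; the Click-to-Run row is the authoritative one there, since the MSI thresholds (16.0.5395.x) sit far below any C2R build line. A "Patched = $null" row means the channel GUID is not in the table above (for example an Insider channel) and must be resolved by hand.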

Note: Office Click-to-Run and Microsoft 365 installations must be updated manually or configured for automatic updates. There is no direct download for the patch.

Successful exploitation will lead to Remote Code Execution.

  • CVSS v3 base score: 8.8 (High severity).
  • CVSS v2 base score: 7.5 (High severity).
  • CVEs related to QID 110437:

    Software Advisories
    CVE-2023-33131 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131