"Google-owned threat intelligence company, Mandiant, says that it believes the CVE-2023-23397 Microsoft Outlook zero-day vulnerability has been exploited for nearly a year in order to target both organizations and critical infrastructure."<p>Nearly a year, very nice. Adding to the list of reasons why I hate outlook.
Should we kill Outlook and use web based O365 until a patch is released?<p>O365 web based mail has been pretty good for a while now compared with Outlook if you're in the MS ecosystem. I might just make the switch now and see how I get on.
TLDR: "Alternatively, you can block outbound TCP 445/SMB using a firewall or through VPN settings."<p>Simple and easy: don't allow TCP 445 outside your LAN