Microsoft reported a critical Office vulnerability (CVE-2024-38200) that could let attackers access NTLM hashes and login credentials. It affects Office 2016, 2019, LTSC 2021, and Microsoft 365. Users should update immediately and block NTLM traffic.
https://alternativeto.net/news/2024/8/microsoft-urges-updates-for-office-vulnerability-allowing-ntlm-hash-and-login-data-theft/