A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Office and Windows HTML Remote Code Execution Vulnerability (CVE-2023-36884)

Office and Windows HTML Remote Code Execution Vulnerability (CVE-2023-36884)

Advisory No: TZCERT/SA/2023/07/14-01

Date of First Release: 14th July 2023

Source: Microsoft

Software Affected: Microsoft Office and Windows

Overview:

Microsoft has released security workaround to address a critical vulnerability affecting Microsoft Office and Windows. The vulnerability may allow an attacker to take control of affected system.

Description:

Microsoft Office and Windows are affected with a remote code execution vulnerability. The vulnerability allows the attacker to use a specially crafted Microsoft Office document to perform remote code execution in the context of the victim. However, for the exploit to be successful, the attacker must persuade the victims to open the malicious Office document.

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

Microsoft has released a workaround for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
  2. https://securityaffairs.com/148380/hacking/office-zero-day-cve-2023-36884.html

Best free WordPress theme

Check Also

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

Advisory No: TZCERT/SA/2024/04/19 Date of First Release: 19th April 2024 Source: Hewlett Packard Enterprise (HPE) …

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2024, All Rights Reserved.